Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
11 vulnerabilities by Tenable, Inc.
CVE-2026-33694 (GCVE-0-2026-33694)
Vulnerability from nvd – Published: 2026-04-23 18:09 – Updated: 2026-04-24 03:55
VLAI
Title
Junction File Manipulation
Summary
This vulnerability allows an attacker to create a junction, enabling the deletion of arbitrary files with SYSTEM privileges. As a result, this condition potentially facilitates arbitrary code execution, whereby an attacker may exploit the vulnerability to execute malicious code with elevated SYSTEM privileges.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-59 - Improper link resolution before file access ('link following')
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Tenable, Inc. | Tenable Nessus, Tenable Nessus Agent |
Affected:
Nessus Agent , ≤ 11.1.2
(.msi)
Affected: Nessus , ≤ 10.11.3 (.msi) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-33694",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-23T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T03:55:34.202Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Tenable Nessus, Tenable Nessus Agent",
"vendor": "Tenable, Inc.",
"versions": [
{
"lessThanOrEqual": "11.1.2",
"status": "affected",
"version": "Nessus Agent",
"versionType": ".msi"
},
{
"lessThanOrEqual": "10.11.3",
"status": "affected",
"version": "Nessus",
"versionType": ".msi"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This vulnerability allows an attacker to create a junction, enabling the deletion of arbitrary files with SYSTEM privileges. As a result, this condition potentially facilitates arbitrary code execution, whereby an attacker may exploit the vulnerability to execute malicious code with elevated SYSTEM privileges."
}
],
"value": "This vulnerability allows an attacker to create a junction, enabling the deletion of arbitrary files with SYSTEM privileges. As a result, this condition potentially facilitates arbitrary code execution, whereby an attacker may exploit the vulnerability to execute malicious code with elevated SYSTEM privileges."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"exploitMaturity": "PROOF_OF_CONCEPT",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper link resolution before file access (\u0027link following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-23T18:09:41.682Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"url": "https://tenable.com/security/tns-2026-12"
},
{
"url": "https://tenable.com/security/tns-2026-13"
}
],
"source": {
"advisory": "TNS-2026-12, TNS-2026-13",
"discovery": "UNKNOWN"
},
"title": "Junction File Manipulation",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2026-33694",
"datePublished": "2026-04-23T18:09:41.682Z",
"dateReserved": "2026-03-23T16:39:06.329Z",
"dateUpdated": "2026-04-24T03:55:34.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4433 (GCVE-0-2026-4433)
Vulnerability from nvd – Published: 2026-03-24 20:26 – Updated: 2026-03-25 14:27
VLAI
Summary
An SSH misconfigurations exists in Tenable OT that led to the potential exfiltration of socket, port, and service information via the ostunnel user and GatewayPorts. This could be used to potentially glean information about the underlying system and give an attacker information that could be used to attempt to compromise the host.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-16 - Configuration
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Tenable, Inc. | Tenable Operation Technology |
Affected:
3.18.58 , ≤ 4.2.40
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4433",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-25T14:23:02.123837Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-25T14:27:17.139Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux",
"64 bit"
],
"product": "Tenable Operation Technology",
"vendor": "Tenable, Inc.",
"versions": [
{
"lessThanOrEqual": "4.2.40",
"status": "affected",
"version": "3.18.58",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An SSH misconfigurations exists in Tenable OT that led to the potential exfiltration of socket, port, and service information via the ostunnel user and GatewayPorts. This could be used to potentially glean information about the underlying system and give an attacker information that could be used to attempt to compromise the host."
}
],
"value": "An SSH misconfigurations exists in Tenable OT that led to the potential exfiltration of socket, port, and service information via the ostunnel user and GatewayPorts. This could be used to potentially glean information about the underlying system and give an attacker information that could be used to attempt to compromise the host."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 1.9,
"baseSeverity": "LOW",
"exploitMaturity": "PROOF_OF_CONCEPT",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-16",
"description": "CWE-16: Configuration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-24T20:26:15.338Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"url": "https://www.tenable.com/security/tns-2026-9"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eTenable has released Tenable OT Security and Tenable OT Security Enterprise Manager ISOs that contains the fix for new installations of the product. The installation files can be obtained from the Tenable Downloads Portal (https://www.tenable.com/downloads/tenable-appliance).\u003c/p\u003e\u003cp\u003eTenable has released the patch to address this issue within the currently deployed products.\u003c/p\u003e"
}
],
"value": "Tenable has released Tenable OT Security and Tenable OT Security Enterprise Manager ISOs that contains the fix for new installations of the product. The installation files can be obtained from the Tenable Downloads Portal (https://www.tenable.com/downloads/tenable-appliance).\n\nTenable has released the patch to address this issue within the currently deployed products."
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2026-4433",
"datePublished": "2026-03-24T20:26:15.338Z",
"dateReserved": "2026-03-19T16:38:57.418Z",
"dateUpdated": "2026-03-25T14:27:17.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-33757 (GCVE-0-2022-33757)
Vulnerability from nvd – Published: 2022-10-24 21:12 – Updated: 2025-05-07 14:06
VLAI
Summary
An authenticated attacker could read Nessus Debug Log file attachments from the web UI without having the correct privileges to do so. This may lead to the disclosure of information on the scan target and/or the Nessus scan to unauthorized parties able to reach the Nessus instance.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- Broken Access Control
- CWE-284 - Improper Access Control
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.tenable.com/security/tns-2022-11 | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Tenable, Inc. | Tenable Nessus |
Affected:
0 , < 10.2.0
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:09:22.638Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2022-11"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-33757",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-07T14:05:39.857078Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T14:06:42.806Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Tenable Nessus",
"vendor": "Tenable, Inc.",
"versions": [
{
"lessThan": "10.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An authenticated attacker could read Nessus Debug Log file attachments from the web UI without having the correct privileges to do so. This may lead to the disclosure of information on the scan target and/or the Nessus scan to unauthorized parties able to reach the Nessus instance."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Broken Access Control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-24T21:12:00.000Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.tenable.com/security/tns-2022-11"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2022-33757",
"datePublished": "2022-10-24T21:12:00.000Z",
"dateReserved": "2022-06-15T00:00:00.000Z",
"dateUpdated": "2025-05-07T14:06:42.806Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-33694 (GCVE-0-2026-33694)
Vulnerability from cvelistv5 – Published: 2026-04-23 18:09 – Updated: 2026-04-24 03:55
VLAI
Title
Junction File Manipulation
Summary
This vulnerability allows an attacker to create a junction, enabling the deletion of arbitrary files with SYSTEM privileges. As a result, this condition potentially facilitates arbitrary code execution, whereby an attacker may exploit the vulnerability to execute malicious code with elevated SYSTEM privileges.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-59 - Improper link resolution before file access ('link following')
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Tenable, Inc. | Tenable Nessus, Tenable Nessus Agent |
Affected:
Nessus Agent , ≤ 11.1.2
(.msi)
Affected: Nessus , ≤ 10.11.3 (.msi) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-33694",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-23T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T03:55:34.202Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Tenable Nessus, Tenable Nessus Agent",
"vendor": "Tenable, Inc.",
"versions": [
{
"lessThanOrEqual": "11.1.2",
"status": "affected",
"version": "Nessus Agent",
"versionType": ".msi"
},
{
"lessThanOrEqual": "10.11.3",
"status": "affected",
"version": "Nessus",
"versionType": ".msi"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This vulnerability allows an attacker to create a junction, enabling the deletion of arbitrary files with SYSTEM privileges. As a result, this condition potentially facilitates arbitrary code execution, whereby an attacker may exploit the vulnerability to execute malicious code with elevated SYSTEM privileges."
}
],
"value": "This vulnerability allows an attacker to create a junction, enabling the deletion of arbitrary files with SYSTEM privileges. As a result, this condition potentially facilitates arbitrary code execution, whereby an attacker may exploit the vulnerability to execute malicious code with elevated SYSTEM privileges."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"exploitMaturity": "PROOF_OF_CONCEPT",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper link resolution before file access (\u0027link following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-23T18:09:41.682Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"url": "https://tenable.com/security/tns-2026-12"
},
{
"url": "https://tenable.com/security/tns-2026-13"
}
],
"source": {
"advisory": "TNS-2026-12, TNS-2026-13",
"discovery": "UNKNOWN"
},
"title": "Junction File Manipulation",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2026-33694",
"datePublished": "2026-04-23T18:09:41.682Z",
"dateReserved": "2026-03-23T16:39:06.329Z",
"dateUpdated": "2026-04-24T03:55:34.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4433 (GCVE-0-2026-4433)
Vulnerability from cvelistv5 – Published: 2026-03-24 20:26 – Updated: 2026-03-25 14:27
VLAI
Summary
An SSH misconfigurations exists in Tenable OT that led to the potential exfiltration of socket, port, and service information via the ostunnel user and GatewayPorts. This could be used to potentially glean information about the underlying system and give an attacker information that could be used to attempt to compromise the host.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-16 - Configuration
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Tenable, Inc. | Tenable Operation Technology |
Affected:
3.18.58 , ≤ 4.2.40
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4433",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-25T14:23:02.123837Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-25T14:27:17.139Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux",
"64 bit"
],
"product": "Tenable Operation Technology",
"vendor": "Tenable, Inc.",
"versions": [
{
"lessThanOrEqual": "4.2.40",
"status": "affected",
"version": "3.18.58",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An SSH misconfigurations exists in Tenable OT that led to the potential exfiltration of socket, port, and service information via the ostunnel user and GatewayPorts. This could be used to potentially glean information about the underlying system and give an attacker information that could be used to attempt to compromise the host."
}
],
"value": "An SSH misconfigurations exists in Tenable OT that led to the potential exfiltration of socket, port, and service information via the ostunnel user and GatewayPorts. This could be used to potentially glean information about the underlying system and give an attacker information that could be used to attempt to compromise the host."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 1.9,
"baseSeverity": "LOW",
"exploitMaturity": "PROOF_OF_CONCEPT",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-16",
"description": "CWE-16: Configuration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-24T20:26:15.338Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"url": "https://www.tenable.com/security/tns-2026-9"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eTenable has released Tenable OT Security and Tenable OT Security Enterprise Manager ISOs that contains the fix for new installations of the product. The installation files can be obtained from the Tenable Downloads Portal (https://www.tenable.com/downloads/tenable-appliance).\u003c/p\u003e\u003cp\u003eTenable has released the patch to address this issue within the currently deployed products.\u003c/p\u003e"
}
],
"value": "Tenable has released Tenable OT Security and Tenable OT Security Enterprise Manager ISOs that contains the fix for new installations of the product. The installation files can be obtained from the Tenable Downloads Portal (https://www.tenable.com/downloads/tenable-appliance).\n\nTenable has released the patch to address this issue within the currently deployed products."
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2026-4433",
"datePublished": "2026-03-24T20:26:15.338Z",
"dateReserved": "2026-03-19T16:38:57.418Z",
"dateUpdated": "2026-03-25T14:27:17.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-33757 (GCVE-0-2022-33757)
Vulnerability from cvelistv5 – Published: 2022-10-24 21:12 – Updated: 2025-05-07 14:06
VLAI
Summary
An authenticated attacker could read Nessus Debug Log file attachments from the web UI without having the correct privileges to do so. This may lead to the disclosure of information on the scan target and/or the Nessus scan to unauthorized parties able to reach the Nessus instance.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- Broken Access Control
- CWE-284 - Improper Access Control
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.tenable.com/security/tns-2022-11 | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Tenable, Inc. | Tenable Nessus |
Affected:
0 , < 10.2.0
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:09:22.638Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2022-11"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-33757",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-07T14:05:39.857078Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T14:06:42.806Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Tenable Nessus",
"vendor": "Tenable, Inc.",
"versions": [
{
"lessThan": "10.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An authenticated attacker could read Nessus Debug Log file attachments from the web UI without having the correct privileges to do so. This may lead to the disclosure of information on the scan target and/or the Nessus scan to unauthorized parties able to reach the Nessus instance."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Broken Access Control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-24T21:12:00.000Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.tenable.com/security/tns-2022-11"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2022-33757",
"datePublished": "2022-10-24T21:12:00.000Z",
"dateReserved": "2022-06-15T00:00:00.000Z",
"dateUpdated": "2025-05-07T14:06:42.806Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
JVNDB-2018-000052
Vulnerability from jvndb - Published: 2018-05-21 13:39 - Updated:2018-08-30 13:47
Severity
Summary
Nessus vulnerable to cross-site scripting
Details
Nessus provided by Tenable, Inc. contains a stored cross-site scripting vulnerability (CWE-79).
Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | |
|---|---|---|
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000052.html",
"dc:date": "2018-08-30T13:47+09:00",
"dcterms:issued": "2018-05-21T13:39+09:00",
"dcterms:modified": "2018-08-30T13:47+09:00",
"description": "Nessus provided by Tenable, Inc. contains a stored cross-site scripting vulnerability (CWE-79).\r\n\r\nToshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.\r\n JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000052.html",
"sec:cpe": {
"#text": "cpe:/a:tenable:nessus",
"@product": "Nessus",
"@vendor": "Tenable, Inc.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
{
"@score": "6.1",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2018-000052",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN96954395/index.html",
"@id": "JVN#96954395",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1147",
"@id": "CVE-2018-1147",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2018-1147",
"@id": "CVE-2018-1147",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "Nessus vulnerable to cross-site scripting"
}
JVNDB-2018-000034
Vulnerability from jvndb - Published: 2018-04-12 14:33 - Updated:2018-06-14 14:20
Severity
Summary
Tenable Appliance vulnerable to cross-site scripting
Details
Tenable Appliance provided by Tenable, Inc. contains a stored cross-site scripting vulnerability (CWE-79).
Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | |
|---|---|---|
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000034.html",
"dc:date": "2018-06-14T14:20+09:00",
"dcterms:issued": "2018-04-12T14:33+09:00",
"dcterms:modified": "2018-06-14T14:20+09:00",
"description": "Tenable Appliance provided by Tenable, Inc. contains a stored cross-site scripting vulnerability (CWE-79).\r\n\r\nToshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000034.html",
"sec:cpe": {
"#text": "cpe:/a:tenable:appliance",
"@product": "Tenable Appliance",
"@vendor": "Tenable, Inc.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "4.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"@version": "2.0"
},
{
"@score": "5.4",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2018-000034",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN71255137/index.html",
"@id": "JVN#71255137",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1142",
"@id": "CVE-2018-1142",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2018-1142",
"@id": "CVE-2018-1142",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "Tenable Appliance vulnerable to cross-site scripting"
}
JVNDB-2017-000082
Vulnerability from jvndb - Published: 2017-05-09 13:52 - Updated:2017-11-27 16:55
Severity
Summary
Nessus vulnerable to cross-site scripting
Details
Nessus provided by Tenable Network Security, Inc. contains a stored cross-site scripting vulnerability (CWE-79) (CVE-2017-2122).
An authenticated user may store crafted contents to Nessus.
According to the developer, another stored cross-site scripting vulnerability (CVE-2017-5179) was found and fixed in Nessus 6.9.3 as well as the issue of CVE-2017-2122.
For more information, please see the developer's advisory.
Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability (CVE-2017-2122) to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | |
|---|---|---|
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000082.html",
"dc:date": "2017-11-27T16:55+09:00",
"dcterms:issued": "2017-05-09T13:52+09:00",
"dcterms:modified": "2017-11-27T16:55+09:00",
"description": "Nessus provided by Tenable Network Security, Inc. contains a stored cross-site scripting vulnerability (CWE-79) (CVE-2017-2122).\r\nAn authenticated user may store crafted contents to Nessus.\r\n\r\nAccording to the developer, another stored cross-site scripting vulnerability (CVE-2017-5179) was found and fixed in Nessus 6.9.3 as well as the issue of CVE-2017-2122.\r\nFor more information, please see the developer\u0027s advisory.\r\n\r\nToshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability (CVE-2017-2122) to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000082.html",
"sec:cpe": {
"#text": "cpe:/a:tenable:nessus",
"@product": "Nessus",
"@vendor": "Tenable, Inc.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "4.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"@version": "2.0"
},
{
"@score": "5.4",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2017-000082",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN87760109/index.html",
"@id": "JVN#87760109",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2122",
"@id": "CVE-2017-2122",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2017-2122",
"@id": "CVE-2017-2122",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "Nessus vulnerable to cross-site scripting"
}
JVNDB-2017-000013
Vulnerability from jvndb - Published: 2017-01-24 13:38 - Updated:2017-02-20 17:44
Severity
Summary
Nessus vulnerable to cross-site scripting
Details
Nessus contains a stored cross-site scripting (CWE-79) vulnerability in handling .nessus files.
Noriaki Iwasaki of Cyber Defense Institute, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000013.html",
"dc:date": "2017-02-20T17:44+09:00",
"dcterms:issued": "2017-01-24T13:38+09:00",
"dcterms:modified": "2017-02-20T17:44+09:00",
"description": "Nessus contains a stored cross-site scripting (CWE-79) vulnerability in handling .nessus files.\r\n\r\nNoriaki Iwasaki of Cyber Defense Institute, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000013.html",
"sec:cpe": {
"#text": "cpe:/a:tenable:nessus",
"@product": "Nessus",
"@vendor": "Tenable, Inc.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
{
"@score": "5.2",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2017-000013",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN12796388/index.html",
"@id": "JVN#12796388",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9260",
"@id": "CVE-2016-9260",
"@source": "CVE"
},
{
"#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9260",
"@id": "CVE-2016-9260",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "Nessus vulnerable to cross-site scripting"
}
JVNDB-2007-000548
Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00Summary
Nessus report function vulnerable to arbitrary script execution
Details
Nessus scanning report in HTML format contains the target server's responses against Nessus scanning. Nessus fails to properly handle the responses. This may cause a script to be executed on a user's web browser when the user views the report.
Nessus, a vulnerability scanner from Tenable Network Security, Inc., is capable of providing test reports in HTML format. The report in HTML format contains the target server's responses against Nessus scanning. Nessus fails to properly handle the responses. This may cause a script to be executed on a user's web browser when the user views the report.
References
| Type | URL | |
|---|---|---|
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000548.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "Nessus scanning report in HTML format contains the target server\u0027s responses against Nessus scanning. Nessus fails to properly handle the responses. This may cause a script to be executed on a user\u0027s web browser when the user views the report.\r\n\r\nNessus, a vulnerability scanner from Tenable Network Security, Inc., is capable of providing test reports in HTML format. The report in HTML format contains the target server\u0027s responses against Nessus scanning. Nessus fails to properly handle the responses. This may cause a script to be executed on a user\u0027s web browser when the user views the report.",
"link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000548.html",
"sec:cpe": {
"#text": "cpe:/a:tenable:nessus",
"@product": "Nessus",
"@vendor": "Tenable, Inc.",
"@version": "2.2"
},
"sec:cvss": {
"@score": "5.7",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2007-000548",
"sec:references": {
"#text": "http://jvn.jp/en/jp/JVN34058672/index.html",
"@id": "JVN#34058672",
"@source": "JVN"
},
"title": "Nessus report function vulnerable to arbitrary script execution"
}