PT-2024-17979 · Tenable · Tenable Security Center
Paweł Bednarz
·
Published
2024-02-14
·
Updated
2024-11-19
·
CVE-2024-1367
CVSS v3.1
7.2
High
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Tenable Security Center (affected versions not specified)
Description
A command injection vulnerability exists where an authenticated, remote attacker with administrator privileges on the Security Center application could modify Logging parameters, which could lead to the execution of arbitrary code on the Security Center host.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tenable Security Center