Vulnerability Tenable Nessus 6.x < 6.8 Multiple Vulnerabilities(High) was found with NESSUS #109
Assignees
Labels
Comments
|
This is a comment test |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
A vulnerability: Tenable Nessus 6.x < 6.8 Multiple Vulnerabilities(High) was found.
Scanner: NESSUS
Description: According to its self-reported version number, the Tenable Nessus application running on the remote host is 6.x prior to 6.8. It is, therefore, affected by multiple vulnerabilities :
A buffer overflow condition exists in the Expat XML parser due to improper validation of user-supplied input when handling malformed input documents. An authenticated, remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2018-0718)
A stored cross-site (XSS) scripting vulnerability exists that can be exploited by an authenticated, remote attacker that has user-level access to the Nessus user interface. (CVE-2018-1000028)
Multiple stored cross-site (XSS) scripting vulnerabilities exist that can be exploited by an authenticated, remote attacker that has administrative-level access to the Nessus user interface. These issues would only affect other users with administrative access. (CVE-2018-1000029)
Recommendation: Upgrade to Tenable Nessus version 6.8 or later.
Asset Information:
Asset name: 45.55.222.164
IP: 45.55.222.164
Scan was run on: 2018-10-18 08:19:58
Nucleus Notification Rules Triggered: Ticket to all on New scan High vuln
Project Name: Test Project
Please see Nucleus for more information on these vulnerabilities
The text was updated successfully, but these errors were encountered: