Tenable Nessus Web UI Information Disclosure Vulnerability
Last Update Date:
23 Jul 2014
Release Date:
22 Jul 2014
4094
Views
RISK: Medium Risk
TYPE: Security software and application - Security Software & Appliance
A vulnerability was identified in Tenable Nessus. A remote user can obtain potentially sensitive information.
A remote user can send a specially crafted request to the '/server/properties' URL to obtain potentially sensitive information without authenticating.
Impact
- Information Disclosure
System / Technologies affected
- Versions 5.2.3 - 5.2.7 (Web UI 2.3.4)
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued a fix (Web UI 2.3.5).
Vulnerability Identifier
Source
Related Link
Share with