CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-8051

Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a flaw in the simpleupload.py script in the Web UI. Through the manipulation of the tns_appliance_session_user parameter, a remote attacker can inject arbitrary commands.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.531

EPSS Ranking 97.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

Products affected by CVE-2017-8051

Tenable » Appliance » Version: 3.10.0

cpe:2.3:a:tenable:appliance:3.10.0
Tenable » Appliance » Version: 3.10.1

cpe:2.3:a:tenable:appliance:3.10.1
Tenable » Appliance » Version: 3.4.0

cpe:2.3:a:tenable:appliance:3.4.0
Tenable » Appliance » Version: 3.5.0

cpe:2.3:a:tenable:appliance:3.5.0
Tenable » Appliance » Version: 3.5.1

cpe:2.3:a:tenable:appliance:3.5.1
Tenable » Appliance » Version: 4.0.0

cpe:2.3:a:tenable:appliance:4.0.0
Tenable » Appliance » Version: 4.1.0

cpe:2.3:a:tenable:appliance:4.1.0
Tenable » Appliance » Version: 4.2.0

cpe:2.3:a:tenable:appliance:4.2.0
Tenable » Appliance » Version: 4.3.0

cpe:2.3:a:tenable:appliance:4.3.0
Tenable » Appliance » Version: 4.3.1

cpe:2.3:a:tenable:appliance:4.3.1
Tenable » Appliance » Version: 4.4.0

cpe:2.3:a:tenable:appliance:4.4.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-8051

Products

Pricing

Contact Us