Vulnerability Details CVE-2018-1142
Tenable Appliance versions 4.6.1 and earlier have been found to contain a single XSS vulnerability. Utilizing a specially crafted request, an authenticated attacker could potentially execute arbitrary JavaScript code by manipulating certain URL parameters related to offline plugins.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 51.9%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
Products affected by CVE-2018-1142
-
cpe:2.3:a:tenable:appliance:2.0.0
-
cpe:2.3:a:tenable:appliance:2.0.1
-
cpe:2.3:a:tenable:appliance:2.2.0
-
cpe:2.3:a:tenable:appliance:2.4.0
-
cpe:2.3:a:tenable:appliance:2.4.1
-
cpe:2.3:a:tenable:appliance:2.6.0
-
cpe:2.3:a:tenable:appliance:2.6.1
-
cpe:2.3:a:tenable:appliance:2.6.2
-
cpe:2.3:a:tenable:appliance:2.8.0
-
cpe:2.3:a:tenable:appliance:2.8.1
-
cpe:2.3:a:tenable:appliance:3.0.0
-
cpe:2.3:a:tenable:appliance:3.1.0
-
cpe:2.3:a:tenable:appliance:3.10.0
-
cpe:2.3:a:tenable:appliance:3.10.1
-
cpe:2.3:a:tenable:appliance:3.2.0
-
cpe:2.3:a:tenable:appliance:3.3.1
-
cpe:2.3:a:tenable:appliance:3.4.0
-
cpe:2.3:a:tenable:appliance:3.5.0
-
cpe:2.3:a:tenable:appliance:3.5.1
-
cpe:2.3:a:tenable:appliance:3.6.0
-
cpe:2.3:a:tenable:appliance:3.7.0
-
cpe:2.3:a:tenable:appliance:3.8.0
-
cpe:2.3:a:tenable:appliance:3.9.0
-
cpe:2.3:a:tenable:appliance:4.0.0
-
cpe:2.3:a:tenable:appliance:4.1.0
-
cpe:2.3:a:tenable:appliance:4.2.0
-
cpe:2.3:a:tenable:appliance:4.2.1
-
cpe:2.3:a:tenable:appliance:4.3.0
-
cpe:2.3:a:tenable:appliance:4.3.1
-
cpe:2.3:a:tenable:appliance:4.3.2
-
cpe:2.3:a:tenable:appliance:4.4.0
-
cpe:2.3:a:tenable:appliance:4.5.0
-
cpe:2.3:a:tenable:appliance:4.6.0
-
cpe:2.3:a:tenable:appliance:4.6.1