[R1] Tenable.sc 5.13.0 Fixes Multiple Third-Party Vulnerabilities

Related Vulnerabilities: CVE-2019-1552, CVE-2019-1547, CVE-2019-1551, CVE-2019-1563, CVE-2018-17199, CVE-2018-17189, CVE-2018-11763, CVE-2018-1333, CVE-2018-1303, CVE-2018-1302, CVE-2018-1301, CVE-2018-1312, CVE-2017-15715, CVE-2017-15710, CVE-2018-1283, CVE-2017-9798, CVE-2017-9788, CVE-2017-3167, CVE-2017-3169, CVE-2017-7659, CVE-2017-7668, CVE-2017-7679, CVE-2019-3465

Synopsis

Tenable.sc leverages third-party software to help provide underlying functionality. Three separate third-party components (OpenSSL, Apache HTTP Server, SimpleSAMLphp) were found to contain vulnerabilities, and updated versions have been made available by the providers.

Out of caution and in line with good practice, Tenable opted to upgrade the bundled libraries to address the potential impact of these issues in Tenable.sc. Tenable.sc 5.13.0 updates OpenSSL to 1.1.1d, Apache HTTP Server to 2.4.41, and SimpleSAMLphp to 1.17.7 to address the identified vulnerabilities.

Note: The CVSSv2 score used in this advisory reflects CVE-2017-3167, as it is considered the highest risk.

Solution

Tenable has released Tenable.sc 5.13.0 to address these issues. The installation files can be obtained from the Tenable Downloads Portal (https://www.tenable.com/downloads/tenable-sc).