Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2010-2989

Published: 10/08/2010 Updated: 10/10/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Nessus

Vulnerability Summary

nessusd_www_server.nbin in the Nessus Web Server plugin 1.2.4 for Nessus allows remote malicious users to obtain sensitive information via a request to the /feed method, which reveals the version in a response.

Vulnerable Product Search on Vulmon Subscribe to Product

nessus web_server_plugin 1.2.4

Vendor Advisories

Tenable Security Advisories: [R2] Tenable Nessus Web UI /feed Method Remote Version Disclosure
Nessus contains a flaw in the Web Server that may lead to an unauthorized information disclosure The issue is triggered when a remote attacker makes a request for the /feed method, which discloses the software's version resulting in a loss of confidentiality While such information is relatively low risk, it is often useful in carrying out additio ...

References

CWE-200https://discussions.nessus.org/message/7245#7245http://www.securityfocus.com/archive/1/512645/100/0/threadedhttps://nvd.nist.govhttps://www.tenable.com/security/tns-2010-02
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991CVE-2024-32674path traversalCVE-2023-21987denial of servicedosCVE-2024-4647CVE-2024-25519CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook