The /server/properties resource in Tenable Web UI prior to 2.3.5 for Nessus 5.2.3 up to and including 5.2.7 allows remote malicious users to obtain sensitive information via the token parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tenable nessus 5.2.6 |
||
tenable nessus 5.2.7 |
||
tenable web ui |
||
tenable nessus 5.2.3 |
||
tenable nessus 5.2.4 |
||
tenable nessus 5.2.5 |