CVE-2023-3251

A pass-back vulnerability exists where an authenticated, remote attacker with administrator privileges could uncover stored SMTP credentials within the Nessus application.This issue affects Nessus: before 10.6.0.
References
Link Resource
https://www.tenable.com/security/tns-2023-29 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*

History

01 Sep 2023, 14:44

Type Values Removed Values Added
First Time Tenable nessus
Tenable
CPE cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*
References (MISC) https://www.tenable.com/security/tns-2023-29 - (MISC) https://www.tenable.com/security/tns-2023-29 - Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 4.9
CWE CWE-522

29 Aug 2023, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-08-29 19:15

Updated : 2024-02-28 20:33


NVD link : CVE-2023-3251

Mitre link : CVE-2023-3251

CVE.ORG link : CVE-2023-3251


JSON object : View

Products Affected

tenable

  • nessus
CWE
CWE-522

Insufficiently Protected Credentials