A vulnerability has been found in Tenable Nessus up to 8.2.1 (Security Testing Software) and classified as problematic. This vulnerability affects an unknown part. The manipulation as part of a Request leads to a cross site scripting vulnerability (Stored). The CWE definition for the vulnerability is CWE-79. The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. As an impact it is known to affect integrity. CVE summarizes:

Nessus versions 8.2.1 and earlier were found to contain a stored XSS vulnerability due to improper validation of user-supplied input. An authenticated, remote attacker could potentially exploit this vulnerability via a specially crafted request to execute arbitrary script code in a user's browser session. Tenable has released Nessus 8.2.2 to address this issue.

The bug was discovered 01/29/2019. The weakness was released 02/12/2019 (Website). The advisory is shared for download at tenable.com. This vulnerability was named CVE-2019-3923 since 01/03/2019. The attack can be initiated remotely. A single authentication is necessary for exploitation. There are neither technical details nor an exploit publicly available. The MITRE ATT&CK project declares the attack technique as T1059.007.

The vulnerability was handled as a non-public zero-day exploit for at least 14 days. During that time the estimated underground price was around $0-$5k. The commercial vulnerability scanner Qualys is able to test this issue with plugin 371643 (Tenable Nessus Stored XSS Vulnerability.).

Upgrading to version 8.2.2 eliminates this vulnerability.

Productinfo

Type

• Security Testing Software

Vendor

• Tenable

Name

• Nessus

Version

• 8.2.0
• 8.2.1

License

• open-source

CPE 2.3info

• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion