CVE-2023-0476 in Tenable.scالمعلومات

الملخص

بحسب MITRE • 26/01/2023

A LDAP injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated attacker could generate data in Active Directory using the application account through blind LDAP injection.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

حجز

24/01/2023

إفشاء

26/01/2023

الاعتدال

تمت الموافقة

إدخال

VDB-219410

EPSS

0.00693

KEV

لا

النشاطات

منخفض جدًا

المصادر

Want to stay up to date on a daily basis?

Enable the mail alert feature now!