JVN#87760109
Nessus vulnerable to cross-site scripting
Overview
Nessus contains a cross-site scripting vulnerability.
Products Affected
- Nessus 6.8.0, 6.8.1, 6.9.0, 6.9.1 and 6.9.2
Description
Nessus provided by Tenable Network Security, Inc. contains a stored cross-site scripting vulnerability (CVE-2017-2122).
An authenticated user may store crafted contents to Nessus.
According to the developer, another stored cross-site scripting vulnerability (CVE-2017-5179) was found and fixed in Nessus 6.9.3 as well as the issue of CVE-2017-2122.
For more information, please see the developer's advisory.
Impact
An arbitrary JavaScript may be executed on the logged in user's web browser.
Solution
Update the Software
Update to the latest version according to the information provided by the developer.
Vendor Status
| Vendor | Link |
| Tenable Network Security, Inc. | TNS-2017-01 - Nessus 6.9.3 Fixes Two Vulnerabilities |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
| Attack Vector(AV) | Physical (P) | Local (L) | Adjacent (A) | Network (N) |
|---|---|---|---|---|
| Attack Complexity(AC) | High (H) | Low (L) | ||
| Privileges Required(PR) | High (H) | Low (L) | None (N) | |
| User Interaction(UI) | Required (R) | None (N) | ||
| Scope(S) | Unchanged (U) | Changed (C) | ||
| Confidentiality Impact(C) | None (N) | Low (L) | High (H) | |
| Integrity Impact(I) | None (N) | Low (L) | High (H) | |
| Availability Impact(A) | None (N) | Low (L) | High (H) |
| Access Vector(AV) | Local (L) | Adjacent Network (A) | Network (N) |
|---|---|---|---|
| Access Complexity(AC) | High (H) | Medium (M) | Low (L) |
| Authentication(Au) | Multiple (M) | Single (S) | None (N) |
| Confidentiality Impact(C) | None (N) | Partial (P) | Complete (C) |
| Integrity Impact(I) | None (N) | Partial (P) | Complete (C) |
| Availability Impact(A) | None (N) | Partial (P) | Complete (C) |
Credit
Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability (CVE-2017-2122) to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Other Information
| JPCERT Alert |
|
| JPCERT Reports |
|
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2017-2122 |
| JVN iPedia |
JVNDB-2017-000082 |