Multiple vulnerabilities in Nessus Network Monitor
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 8 |
| CVE-ID | CVE-2024-6119 CVE-2024-45491 CVE-2024-45492 CVE-2024-6197 CVE-2024-7264 CVE-2024-8096 CVE-2024-34459 CVE-2024-9158 |
| CWE-ID | CWE-843 CWE-190 CWE-415 CWE-125 CWE-295 CWE-122 CWE-79 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Nessus Network Monitor Client/Desktop applications / Software for system administration |
| Vendor | Tenable Network Security |
Security Bulletin
This security bulletin contains information about 8 vulnerabilities.
1) Type Confusion
EUVDB-ID: #VU96744
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-6119
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a type confusion error when performing certificate name checks. A remote attacker can supply a specially crafted X.509 certificate to the server, trigger a type confusion error and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsNessus Network Monitor: 6.0.0 - 6.4.1
CPE2.3- cpe:2.3:a:tenable_network_security:nessus_network_monitor:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:tenable_network_security:nessus_network_monitor:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:tenable_network_security:nessus_network_monitor:6.1.0:*:*:*:*:*:*:*
https://www.tenable.com/security/tns-2024-17
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Integer overflow
EUVDB-ID: #VU96898
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-45491
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow within the dtdCopy() function in xmlparse.c. A remote attacker can pass specially crafted input to the application, trigger an integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsNessus Network Monitor: 6.0.0 - 6.4.1
CPE2.3- cpe:2.3:a:tenable_network_security:nessus_network_monitor:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:tenable_network_security:nessus_network_monitor:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:tenable_network_security:nessus_network_monitor:6.1.0:*:*:*:*:*:*:*
https://www.tenable.com/security/tns-2024-17
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Integer overflow
EUVDB-ID: #VU96899
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-45492
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow within the nextScaffoldPart() function in xmlparse.c. A remote attacker can pass specially crafted data to the application, trigger an integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsNessus Network Monitor: 6.0.0 - 6.4.1
CPE2.3- cpe:2.3:a:tenable_network_security:nessus_network_monitor:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:tenable_network_security:nessus_network_monitor:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:tenable_network_security:nessus_network_monitor:6.1.0:*:*:*:*:*:*:*
https://www.tenable.com/security/tns-2024-17
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Double free
EUVDB-ID: #VU94715
Risk: Medium
CVSSv4.0: 6.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-6197
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in ASN1 parser within the utf8asn1str() function. A remote attacker can pass specially crafted TLS certificate to the application, trigger double free error and execute arbitrary code on the target system.
The vulnerable code can only be reached when curl is built to use GnuTLS, wolfSSL, Schannel or Secure Transport.
MitigationInstall update from vendor's website.
Vulnerable software versionsNessus Network Monitor: 6.0.0 - 6.4.1
CPE2.3- cpe:2.3:a:tenable_network_security:nessus_network_monitor:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:tenable_network_security:nessus_network_monitor:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:tenable_network_security:nessus_network_monitor:6.1.0:*:*:*:*:*:*:*
https://www.tenable.com/security/tns-2024-17
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Out-of-bounds read
EUVDB-ID: #VU95131
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-7264
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition within the ASN1 parser code in the GTime2str() function. A remote attacker can trigger an out-of-bounds read error and cause a denial of service condition on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsNessus Network Monitor: 6.0.0 - 6.4.1
CPE2.3- cpe:2.3:a:tenable_network_security:nessus_network_monitor:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:tenable_network_security:nessus_network_monitor:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:tenable_network_security:nessus_network_monitor:6.1.0:*:*:*:*:*:*:*
https://www.tenable.com/security/tns-2024-17
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Improper certificate validation
EUVDB-ID: #VU97150
Risk: Low
CVSSv4.0: 0.2 [CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-8096
CWE-ID:
CWE-295 - Improper Certificate Validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists due to curl might fail to detect some OCSP problems when configured to use the Certificate Status Request TLS extension. A remote attacker can bypass OCSP stapling protection and perform a Man-in-the-Middle (MitM) attack.
Successful exploitation of the vulnerability requires that curl is build to use GnuTLS library.
MitigationInstall update from vendor's website.
Vulnerable software versionsNessus Network Monitor: 6.0.0 - 6.4.1
CPE2.3- cpe:2.3:a:tenable_network_security:nessus_network_monitor:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:tenable_network_security:nessus_network_monitor:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:tenable_network_security:nessus_network_monitor:6.1.0:*:*:*:*:*:*:*
https://www.tenable.com/security/tns-2024-17
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Heap-based buffer overflow
EUVDB-ID: #VU89430
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-34459
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error when parsing XML data. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsNessus Network Monitor: 6.0.0 - 6.4.1
CPE2.3- cpe:2.3:a:tenable_network_security:nessus_network_monitor:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:tenable_network_security:nessus_network_monitor:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:tenable_network_security:nessus_network_monitor:6.1.0:*:*:*:*:*:*:*
https://www.tenable.com/security/tns-2024-17
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Stored cross-site scripting
EUVDB-ID: #VU97682
Risk: Low
CVSSv4.0: 0.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-9158
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote user to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in NNM UI. A remote authenticated user can permanently inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Install update from vendor's website.
Vulnerable software versionsNessus Network Monitor: 6.0.0 - 6.4.1
CPE2.3- cpe:2.3:a:tenable_network_security:nessus_network_monitor:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:tenable_network_security:nessus_network_monitor:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:tenable_network_security:nessus_network_monitor:6.1.0:*:*:*:*:*:*:*
https://www.tenable.com/security/tns-2024-17
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
