CINXE.COM

<!DOCTYPE html><html lang="en"><head><meta charSet="utf-8"/><title>SCADA Plugins | Tenable®</title><meta name="description" content="Listing all plugins in the SCADA family"/><meta property="og:title" content="SCADA Plugins"/><meta property="og:description" content="Listing all plugins in the SCADA family"/><meta name="twitter:title" content="SCADA Plugins"/><meta name="twitter:description" content="Listing all plugins in the SCADA family"/><meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"/><meta name="viewport" content="width=device-width, initial-scale=1"/><link rel="apple-touch-icon" sizes="180x180" href="https://www.tenable.com/themes/custom/tenable/images-new/favicons/apple-touch-icon-180x180.png"/><link rel="manifest" href="https://www.tenable.com/themes/custom/tenable/images-new/favicons/manifest.json"/><link rel="icon" href="https://www.tenable.com/themes/custom/tenable/images-new/favicons/favicon.ico" sizes="any"/><link rel="icon" href="https://www.tenable.com/themes/custom/tenable/images-new/favicons/tenable-favicon.svg" type="image/svg+xml"/><meta name="msapplication-config" content="https://www.tenable.com/themes/custom/tenable/images-new/favicons/browserconfig.xml"/><meta name="theme-color" content="#ffffff"/><link rel="canonical" href="https://www.tenable.com/plugins/nessus/families/SCADA"/><link rel="alternate" hrefLang="x-default" href="https://www.tenable.com/plugins/nessus/families/SCADA"/><link rel="alternate" hrefLang="en" href="https://www.tenable.com/plugins/nessus/families/SCADA"/><link rel="alternate" hrefLang="de" href="https://de.tenable.com/plugins/nessus/families/SCADA"/><link rel="alternate" hrefLang="es" href="https://es-la.tenable.com/plugins/nessus/families/SCADA"/><link rel="alternate" hrefLang="fr" href="https://fr.tenable.com/plugins/nessus/families/SCADA"/><link rel="alternate" hrefLang="ja" href="https://jp.tenable.com/plugins/nessus/families/SCADA"/><link rel="alternate" hrefLang="ko" href="https://kr.tenable.com/plugins/nessus/families/SCADA"/><link rel="alternate" hrefLang="zh-CN" href="https://www.tenablecloud.cn/plugins/nessus/families/SCADA"/><link rel="alternate" hrefLang="zh-TW" href="https://zh-tw.tenable.com/plugins/nessus/families/SCADA"/><meta name="next-head-count" content="25"/><script type="text/javascript">window.NREUM||(NREUM={});NREUM.info = {"agent":"","beacon":"bam.nr-data.net","errorBeacon":"bam.nr-data.net","licenseKey":"5febff3e0e","applicationID":"96358297","agentToken":null,"applicationTime":40.458424,"transactionName":"MVBabEEHChVXU0IIXggab11RIBYHW1VBDkMNYEpRHCgBHkJaRU52I2EXF0MKEQFfXkVOahJMSF1uSQIHW1laCFQVGmNeUgsNCk9t","queueTime":0,"ttGuid":"6ba68877334755be"}; (window.NREUM||(NREUM={})).init={ajax:{deny_list:["bam.nr-data.net"]}};(window.NREUM||(NREUM={})).loader_config={licenseKey:"5febff3e0e",applicationID:"96358297"};;/*! For license information please see nr-loader-rum-1.281.0.min.js.LICENSE.txt */ (()=>{var e,t,r={122:(e,t,r)=>{"use strict";r.d(t,{a:()=>i});var n=r(944);function i(e,t){try{if(!e||"object"!=typeof e)return(0,n.R)(3);if(!t||"object"!=typeof t)return(0,n.R)(4);const r=Object.create(Object.getPrototypeOf(t),Object.getOwnPropertyDescriptors(t)),o=0===Object.keys(r).length?e:r;for(let a in o)if(void 0!==e[a])try{if(null===e[a]){r[a]=null;continue}Array.isArray(e[a])&&Array.isArray(t[a])?r[a]=Array.from(new Set([...e[a],...t[a]])):"object"==typeof e[a]&&"object"==typeof t[a]?r[a]=i(e[a],t[a]):r[a]=e[a]}catch(e){(0,n.R)(1,e)}return r}catch(e){(0,n.R)(2,e)}}},555:(e,t,r)=>{"use strict";r.d(t,{Vp:()=>c,fn:()=>s,x1:()=>u});var n=r(384),i=r(122);const o={beacon:n.NT.beacon,errorBeacon:n.NT.errorBeacon,licenseKey:void 0,applicationID:void 0,sa:void 0,queueTime:void 0,applicationTime:void 0,ttGuid:void 0,user:void 0,account:void 0,product:void 0,extra:void 0,jsAttributes:{},userAttributes:void 0,atts:void 0,transactionName:void 0,tNamePlain:void 0},a={};function s(e){try{const t=c(e);return!!t.licenseKey&&!!t.errorBeacon&&!!t.applicationID}catch(e){return!1}}function c(e){if(!e)throw new Error("All info objects require an agent identifier!");if(!a[e])throw new Error("Info for ".concat(e," was never set"));return a[e]}function u(e,t){if(!e)throw new Error("All info objects require an agent identifier!");a[e]=(0,i.a)(t,o);const r=(0,n.nY)(e);r&&(r.info=a[e])}},217:(e,t,r)=>{"use strict";r.d(t,{D0:()=>h,gD:()=>b,xN:()=>v});r(860).K7.genericEvents;const n="experimental.marks",i="experimental.measures",o="experimental.resources";var a=r(993);const s=e=>{if(!e||"string"!=typeof e)return!1;try{document.createDocumentFragment().querySelector(e)}catch{return!1}return!0};var c=r(614),u=r(944),l=r(384),d=r(122);const f="[data-nr-mask]",g=()=>{const e={feature_flags:[],experimental:{marks:!1,measures:!1,resources:!1},mask_selector:"*",block_selector:"[data-nr-block]",mask_input_options:{color:!1,date:!1,"datetime-local":!1,email:!1,month:!1,number:!1,range:!1,search:!1,tel:!1,text:!1,time:!1,url:!1,week:!1,textarea:!1,select:!1,password:!0}};return{ajax:{deny_list:void 0,block_internal:!0,enabled:!0,autoStart:!0},distributed_tracing:{enabled:void 0,exclude_newrelic_header:void 0,cors_use_newrelic_header:void 0,cors_use_tracecontext_headers:void 0,allowed_origins:void 0},get feature_flags(){return e.feature_flags},set feature_flags(t){e.feature_flags=t},generic_events:{enabled:!0,autoStart:!0},harvest:{interval:30},jserrors:{enabled:!0,autoStart:!0},logging:{enabled:!0,autoStart:!0,level:a.p_.INFO},metrics:{enabled:!0,autoStart:!0},obfuscate:void 0,page_action:{enabled:!0},page_view_event:{enabled:!0,autoStart:!0},page_view_timing:{enabled:!0,autoStart:!0},performance:{get capture_marks(){return e.feature_flags.includes(n)||e.experimental.marks},set capture_marks(t){e.experimental.marks=t},get capture_measures(){return e.feature_flags.includes(i)||e.experimental.measures},set capture_measures(t){e.experimental.measures=t},capture_detail:!0,resources:{get enabled(){return e.feature_flags.includes(o)||e.experimental.resources},set enabled(t){e.experimental.resources=t},asset_types:[],first_party_domains:[],ignore_newrelic:!0}},privacy:{cookies_enabled:!0},proxy:{assets:void 0,beacon:void 0},session:{expiresMs:c.wk,inactiveMs:c.BB},session_replay:{autoStart:!0,enabled:!1,preload:!1,sampling_rate:10,error_sampling_rate:100,collect_fonts:!1,inline_images:!1,fix_stylesheets:!0,mask_all_inputs:!0,get mask_text_selector(){return e.mask_selector},set mask_text_selector(t){s(t)?e.mask_selector="".concat(t,",").concat(f):""===t||null===t?e.mask_selector=f:(0,u.R)(5,t)},get block_class(){return"nr-block"},get ignore_class(){return"nr-ignore"},get mask_text_class(){return"nr-mask"},get block_selector(){return e.block_selector},set block_selector(t){s(t)?e.block_selector+=",".concat(t):""!==t&&(0,u.R)(6,t)},get mask_input_options(){return e.mask_input_options},set mask_input_options(t){t&&"object"==typeof t?e.mask_input_options={...t,password:!0}:(0,u.R)(7,t)}},session_trace:{enabled:!0,autoStart:!0},soft_navigations:{enabled:!0,autoStart:!0},spa:{enabled:!0,autoStart:!0},ssl:void 0,user_actions:{enabled:!0,elementAttributes:["id","className","tagName","type"]}}},p={},m="All configuration objects require an agent identifier!";function h(e){if(!e)throw new Error(m);if(!p[e])throw new Error("Configuration for ".concat(e," was never set"));return p[e]}function v(e,t){if(!e)throw new Error(m);p[e]=(0,d.a)(t,g());const r=(0,l.nY)(e);r&&(r.init=p[e])}function b(e,t){if(!e)throw new Error(m);var r=h(e);if(r){for(var n=t.split("."),i=0;i<n.length-1;i++)if("object"!=typeof(r=r[n[i]]))return;r=r[n[n.length-1]]}return r}},371:(e,t,r)=>{"use strict";r.d(t,{V:()=>f,f:()=>d});var n=r(122),i=r(384),o=r(154),a=r(324);let s=0;const c={buildEnv:a.F3,distMethod:a.Xs,version:a.xv,originTime:o.WN},u={customTransaction:void 0,disabled:!1,isolatedBacklog:!1,loaderType:void 0,maxBytes:3e4,onerror:void 0,ptid:void 0,releaseIds:{},appMetadata:{},session:void 0,denyList:void 0,timeKeeper:void 0,obfuscator:void 0,harvester:void 0},l={};function d(e){if(!e)throw new Error("All runtime objects require an agent identifier!");if(!l[e])throw new Error("Runtime for ".concat(e," was never set"));return l[e]}function f(e,t){if(!e)throw new Error("All runtime objects require an agent identifier!");l[e]={...(0,n.a)(t,u),...c},Object.hasOwnProperty.call(l[e],"harvestCount")||Object.defineProperty(l[e],"harvestCount",{get:()=>++s});const r=(0,i.nY)(e);r&&(r.runtime=l[e])}},324:(e,t,r)=>{"use strict";r.d(t,{F3:()=>i,Xs:()=>o,xv:()=>n});const n="1.281.0",i="PROD",o="CDN"},154:(e,t,r)=>{"use strict";r.d(t,{OF:()=>c,RI:()=>i,WN:()=>l,bv:()=>o,gm:()=>a,mw:()=>s,sb:()=>u});var n=r(863);const i="undefined"!=typeof window&&!!window.document,o="undefined"!=typeof WorkerGlobalScope&&("undefined"!=typeof self&&self instanceof WorkerGlobalScope&&self.navigator instanceof WorkerNavigator||"undefined"!=typeof globalThis&&globalThis instanceof WorkerGlobalScope&&globalThis.navigator instanceof WorkerNavigator),a=i?window:"undefined"!=typeof WorkerGlobalScope&&("undefined"!=typeof self&&self instanceof WorkerGlobalScope&&self||"undefined"!=typeof globalThis&&globalThis instanceof WorkerGlobalScope&&globalThis),s=Boolean("hidden"===a?.document?.visibilityState),c=/iPad|iPhone|iPod/.test(a.navigator?.userAgent),u=c&&"undefined"==typeof SharedWorker,l=((()=>{const e=a.navigator?.userAgent?.match(/Firefox[/\s](\d+\.\d+)/);Array.isArray(e)&&e.length>=2&&e[1]})(),Date.now()-(0,n.t)())},687:(e,t,r)=>{"use strict";r.d(t,{Ak:()=>c,Ze:()=>d,x3:()=>u});var n=r(836),i=r(606),o=r(860),a=r(646);const s={};function c(e,t){const r={staged:!1,priority:o.P3[t]||0};l(e),s[e].get(t)||s[e].set(t,r)}function u(e,t){e&&s[e]&&(s[e].get(t)&&s[e].delete(t),g(e,t,!1),s[e].size&&f(e))}function l(e){if(!e)throw new Error("agentIdentifier required");s[e]||(s[e]=new Map)}function d(e="",t="feature",r=!1){if(l(e),!e||!s[e].get(t)||r)return g(e,t);s[e].get(t).staged=!0,f(e)}function f(e){const t=Array.from(s[e]);t.every((([e,t])=>t.staged))&&(t.sort(((e,t)=>e[1].priority-t[1].priority)),t.forEach((([t])=>{s[e].delete(t),g(e,t)})))}function g(e,t,r=!0){const o=e?n.ee.get(e):n.ee,s=i.i.handlers;if(!o.aborted&&o.backlog&&s){if(r){const e=o.backlog[t],r=s[t];if(r){for(let t=0;e&&t<e.length;++t)p(e[t],r);Object.entries(r).forEach((([e,t])=>{Object.values(t||{}).forEach((t=>{t[0]?.on&&t[0]?.context()instanceof a.y&&t[0].on(e,t[1])}))}))}}o.isolatedBacklog||delete s[t],o.backlog[t]=null,o.emit("drain-"+t,[])}}function p(e,t){var r=e[1];Object.values(t[r]||{}).forEach((t=>{var r=e[0];if(t[0]===r){var n=t[1],i=e[3],o=e[2];n.apply(i,o)}}))}},836:(e,t,r)=>{"use strict";r.d(t,{P:()=>c,ee:()=>u});var n=r(384),i=r(990),o=r(371),a=r(646),s=r(607);const c="nr@context:".concat(s.W),u=function e(t,r){var n={},s={},l={},d=!1;try{d=16===r.length&&(0,o.f)(r).isolatedBacklog}catch(e){}var f={on:p,addEventListener:p,removeEventListener:function(e,t){var r=n[e];if(!r)return;for(var i=0;i<r.length;i++)r[i]===t&&r.splice(i,1)},emit:function(e,r,n,i,o){!1!==o&&(o=!0);if(u.aborted&&!i)return;t&&o&&t.emit(e,r,n);for(var a=g(n),c=m(e),l=c.length,d=0;d<l;d++)c[d].apply(a,r);var p=v()[s[e]];p&&p.push([f,e,r,a]);return a},get:h,listeners:m,context:g,buffer:function(e,t){const r=v();if(t=t||"feature",f.aborted)return;Object.entries(e||{}).forEach((([e,n])=>{s[n]=t,t in r||(r[t]=[])}))},abort:function(){f._aborted=!0,Object.keys(f.backlog).forEach((e=>{delete f.backlog[e]}))},isBuffering:function(e){return!!v()[s[e]]},debugId:r,backlog:d?{}:t&&"object"==typeof t.backlog?t.backlog:{},isolatedBacklog:d};return Object.defineProperty(f,"aborted",{get:()=>{let e=f._aborted||!1;return e||(t&&(e=t.aborted),e)}}),f;function g(e){return e&&e instanceof a.y?e:e?(0,i.I)(e,c,(()=>new a.y(c))):new a.y(c)}function p(e,t){n[e]=m(e).concat(t)}function m(e){return n[e]||[]}function h(t){return l[t]=l[t]||e(f,t)}function v(){return f.backlog}}(void 0,"globalEE"),l=(0,n.Zm)();l.ee||(l.ee=u)},646:(e,t,r)=>{"use strict";r.d(t,{y:()=>n});class n{constructor(e){this.contextId=e}}},908:(e,t,r)=>{"use strict";r.d(t,{d:()=>n,p:()=>i});var n=r(836).ee.get("handle");function i(e,t,r,i,o){o?(o.buffer([e],i),o.emit(e,t,r)):(n.buffer([e],i),n.emit(e,t,r))}},606:(e,t,r)=>{"use strict";r.d(t,{i:()=>o});var n=r(908);o.on=a;var i=o.handlers={};function o(e,t,r,o){a(o||n.d,i,e,t,r)}function a(e,t,r,i,o){o||(o="feature"),e||(e=n.d);var a=t[o]=t[o]||{};(a[r]=a[r]||[]).push([e,i])}},878:(e,t,r)=>{"use strict";function n(e,t){return{capture:e,passive:!1,signal:t}}function i(e,t,r=!1,i){window.addEventListener(e,t,n(r,i))}function o(e,t,r=!1,i){document.addEventListener(e,t,n(r,i))}r.d(t,{DD:()=>o,jT:()=>n,sp:()=>i})},607:(e,t,r)=>{"use strict";r.d(t,{W:()=>n});const n=(0,r(566).bz)()},566:(e,t,r)=>{"use strict";r.d(t,{LA:()=>s,bz:()=>a});var n=r(154);const i="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx";function o(e,t){return e?15&e[t]:16*Math.random()|0}function a(){const e=n.gm?.crypto||n.gm?.msCrypto;let t,r=0;return e&&e.getRandomValues&&(t=e.getRandomValues(new Uint8Array(30))),i.split("").map((e=>"x"===e?o(t,r++).toString(16):"y"===e?(3&o()|8).toString(16):e)).join("")}function s(e){const t=n.gm?.crypto||n.gm?.msCrypto;let r,i=0;t&&t.getRandomValues&&(r=t.getRandomValues(new Uint8Array(e)));const a=[];for(var s=0;s<e;s++)a.push(o(r,i++).toString(16));return a.join("")}},614:(e,t,r)=>{"use strict";r.d(t,{BB:()=>a,H3:()=>n,g:()=>u,iL:()=>c,tS:()=>s,uh:()=>i,wk:()=>o});const n="NRBA",i="SESSION",o=144e5,a=18e5,s={STARTED:"session-started",PAUSE:"session-pause",RESET:"session-reset",RESUME:"session-resume",UPDATE:"session-update"},c={SAME_TAB:"same-tab",CROSS_TAB:"cross-tab"},u={OFF:0,FULL:1,ERROR:2}},863:(e,t,r)=>{"use strict";function n(){return Math.floor(performance.now())}r.d(t,{t:()=>n})},944:(e,t,r)=>{"use strict";function n(e,t){"function"==typeof console.debug&&console.debug("New Relic Warning: https://github.com/newrelic/newrelic-browser-agent/blob/main/docs/warning-codes.md#".concat(e),t)}r.d(t,{R:()=>n})},284:(e,t,r)=>{"use strict";r.d(t,{t:()=>c,B:()=>s});var n=r(836),i=r(154);const o="newrelic";const a=new Set,s={};function c(e,t){const r=n.ee.get(t);s[t]??={},e&&"object"==typeof e&&(a.has(t)||(r.emit("rumresp",[e]),s[t]=e,a.add(t),function(e={}){try{i.gm.dispatchEvent(new CustomEvent(o,{detail:e}))}catch(e){}}({loaded:!0})))}},990:(e,t,r)=>{"use strict";r.d(t,{I:()=>i});var n=Object.prototype.hasOwnProperty;function i(e,t,r){if(n.call(e,t))return e[t];var i=r();if(Object.defineProperty&&Object.keys)try{return Object.defineProperty(e,t,{value:i,writable:!0,enumerable:!1}),i}catch(e){}return e[t]=i,i}},389:(e,t,r)=>{"use strict";function n(e,t=500,r={}){const n=r?.leading||!1;let i;return(...r)=>{n&&void 0===i&&(e.apply(this,r),i=setTimeout((()=>{i=clearTimeout(i)}),t)),n||(clearTimeout(i),i=setTimeout((()=>{e.apply(this,r)}),t))}}function i(e){let t=!1;return(...r)=>{t||(t=!0,e.apply(this,r))}}r.d(t,{J:()=>i,s:()=>n})},289:(e,t,r)=>{"use strict";r.d(t,{GG:()=>o,sB:()=>a});var n=r(878);function i(){return"undefined"==typeof document||"complete"===document.readyState}function o(e,t){if(i())return e();(0,n.sp)("load",e,t)}function a(e){if(i())return e();(0,n.DD)("DOMContentLoaded",e)}},384:(e,t,r)=>{"use strict";r.d(t,{NT:()=>o,US:()=>l,Zm:()=>a,bQ:()=>c,dV:()=>s,nY:()=>u,pV:()=>d});var n=r(154),i=r(863);const o={beacon:"bam.nr-data.net",errorBeacon:"bam.nr-data.net"};function a(){return n.gm.NREUM||(n.gm.NREUM={}),void 0===n.gm.newrelic&&(n.gm.newrelic=n.gm.NREUM),n.gm.NREUM}function s(){let e=a();return e.o||(e.o={ST:n.gm.setTimeout,SI:n.gm.setImmediate,CT:n.gm.clearTimeout,XHR:n.gm.XMLHttpRequest,REQ:n.gm.Request,EV:n.gm.Event,PR:n.gm.Promise,MO:n.gm.MutationObserver,FETCH:n.gm.fetch,WS:n.gm.WebSocket}),e}function c(e,t){let r=a();r.initializedAgents??={},t.initializedAt={ms:(0,i.t)(),date:new Date},r.initializedAgents[e]=t}function u(e){let t=a();return t.initializedAgents?.[e]}function l(e,t){a()[e]=t}function d(){return function(){let e=a();const t=e.info||{};e.info={beacon:o.beacon,errorBeacon:o.errorBeacon,...t}}(),function(){let e=a();const t=e.init||{};e.init={...t}}(),s(),function(){let e=a();const t=e.loader_config||{};e.loader_config={...t}}(),a()}},843:(e,t,r)=>{"use strict";r.d(t,{u:()=>i});var n=r(878);function i(e,t=!1,r,i){(0,n.DD)("visibilitychange",(function(){if(t)return void("hidden"===document.visibilityState&&e());e(document.visibilityState)}),r,i)}},434:(e,t,r)=>{"use strict";r.d(t,{Jt:()=>o,YM:()=>c});var n=r(836),i=r(607);const o="nr@original:".concat(i.W);var a=Object.prototype.hasOwnProperty,s=!1;function c(e,t){return e||(e=n.ee),r.inPlace=function(e,t,n,i,o){n||(n="");const a="-"===n.charAt(0);for(let s=0;s<t.length;s++){const c=t[s],u=e[c];l(u)||(e[c]=r(u,a?c+n:n,i,c,o))}},r.flag=o,r;function r(t,r,n,s,c){return l(t)?t:(r||(r=""),nrWrapper[o]=t,function(e,t,r){if(Object.defineProperty&&Object.keys)try{return Object.keys(e).forEach((function(r){Object.defineProperty(t,r,{get:function(){return e[r]},set:function(t){return e[r]=t,t}})})),t}catch(e){u([e],r)}for(var n in e)a.call(e,n)&&(t[n]=e[n])}(t,nrWrapper,e),nrWrapper);function nrWrapper(){var o,a,l,d;try{a=this,o=[...arguments],l="function"==typeof n?n(o,a):n||{}}catch(t){u([t,"",[o,a,s],l],e)}i(r+"start",[o,a,s],l,c);try{return d=t.apply(a,o)}catch(e){throw i(r+"err",[o,a,e],l,c),e}finally{i(r+"end",[o,a,d],l,c)}}}function i(r,n,i,o){if(!s||t){var a=s;s=!0;try{e.emit(r,n,i,t,o)}catch(t){u([t,r,n,i],e)}s=a}}}function u(e,t){t||(t=n.ee);try{t.emit("internal-error",e)}catch(e){}}function l(e){return!(e&&"function"==typeof e&&e.apply&&!e[o])}},993:(e,t,r)=>{"use strict";r.d(t,{ET:()=>o,p_:()=>i});var n=r(860);const i={ERROR:"ERROR",WARN:"WARN",INFO:"INFO",DEBUG:"DEBUG",TRACE:"TRACE"},o="log";n.K7.logging},969:(e,t,r)=>{"use strict";r.d(t,{TZ:()=>n,XG:()=>s,rs:()=>i,xV:()=>a,z_:()=>o});const n=r(860).K7.metrics,i="sm",o="cm",a="storeSupportabilityMetrics",s="storeEventMetrics"},630:(e,t,r)=>{"use strict";r.d(t,{T:()=>n});const n=r(860).K7.pageViewEvent},782:(e,t,r)=>{"use strict";r.d(t,{T:()=>n});const n=r(860).K7.pageViewTiming},344:(e,t,r)=>{"use strict";r.d(t,{G4:()=>i});var n=r(614);r(860).K7.sessionReplay;const i={RECORD:"recordReplay",PAUSE:"pauseReplay",REPLAY_RUNNING:"replayRunning",ERROR_DURING_REPLAY:"errorDuringReplay"};n.g.ERROR,n.g.FULL,n.g.OFF},234:(e,t,r)=>{"use strict";r.d(t,{W:()=>o});var n=r(836),i=r(687);class o{constructor(e,t){this.agentIdentifier=e,this.ee=n.ee.get(e),this.featureName=t,this.blocked=!1}deregisterDrain(){(0,i.x3)(this.agentIdentifier,this.featureName)}}},603:(e,t,r)=>{"use strict";r.d(t,{j:()=>K});var n=r(860),i=r(555),o=r(371),a=r(908),s=r(836),c=r(687),u=r(289),l=r(154),d=r(944),f=r(969),g=r(384),p=r(344);const m=["setErrorHandler","finished","addToTrace","addRelease","recordCustomEvent","addPageAction","setCurrentRouteName","setPageViewName","setCustomAttribute","interaction","noticeError","setUserId","setApplicationVersion","start",p.G4.RECORD,p.G4.PAUSE,"log","wrapLogger"],h=["setErrorHandler","finished","addToTrace","addRelease"];var v=r(863),b=r(614),y=r(993);var w=r(646),A=r(434);const R=new Map;function _(e,t,r,n){if("object"!=typeof t||!t||"string"!=typeof r||!r||"function"!=typeof t[r])return(0,d.R)(29);const i=function(e){return(e||s.ee).get("logger")}(e),o=(0,A.YM)(i),a=new w.y(s.P);a.level=n.level,a.customAttributes=n.customAttributes;const c=t[r]?.[A.Jt]||t[r];return R.set(c,a),o.inPlace(t,[r],"wrap-logger-",(()=>R.get(c))),i}function E(){const e=(0,g.pV)();m.forEach((t=>{e[t]=(...r)=>function(t,...r){let n=[];return Object.values(e.initializedAgents).forEach((e=>{e&&e.api?e.exposed&&e.api[t]&&n.push(e.api[t](...r)):(0,d.R)(38,t)})),n.length>1?n:n[0]}(t,...r)}))}const x={};function N(e,t,g=!1){t||(0,c.Ak)(e,"api");const m={};var w=s.ee.get(e),A=w.get("tracer");x[e]=b.g.OFF,w.on(p.G4.REPLAY_RUNNING,(t=>{x[e]=t}));var R="api-",E=R+"ixn-";function N(t,r,n,o){const a=(0,i.Vp)(e);return null===r?delete a.jsAttributes[t]:(0,i.x1)(e,{...a,jsAttributes:{...a.jsAttributes,[t]:r}}),j(R,n,!0,o||null===r?"session":void 0)(t,r)}function k(){}m.log=function(e,{customAttributes:t={},level:r=y.p_.INFO}={}){(0,a.p)(f.xV,["API/log/called"],void 0,n.K7.metrics,w),function(e,t,r={},i=y.p_.INFO){(0,a.p)(f.xV,["API/logging/".concat(i.toLowerCase(),"/called")],void 0,n.K7.metrics,e),(0,a.p)(y.ET,[(0,v.t)(),t,r,i],void 0,n.K7.logging,e)}(w,e,t,r)},m.wrapLogger=(e,t,{customAttributes:r={},level:i=y.p_.INFO}={})=>{(0,a.p)(f.xV,["API/wrapLogger/called"],void 0,n.K7.metrics,w),_(w,e,t,{customAttributes:r,level:i})},h.forEach((e=>{m[e]=j(R,e,!0,"api")})),m.addPageAction=j(R,"addPageAction",!0,n.K7.genericEvents),m.recordCustomEvent=j(R,"recordCustomEvent",!0,n.K7.genericEvents),m.setPageViewName=function(t,r){if("string"==typeof t)return"/"!==t.charAt(0)&&(t="/"+t),(0,o.f)(e).customTransaction=(r||"http://custom.transaction")+t,j(R,"setPageViewName",!0)()},m.setCustomAttribute=function(e,t,r=!1){if("string"==typeof e){if(["string","number","boolean"].includes(typeof t)||null===t)return N(e,t,"setCustomAttribute",r);(0,d.R)(40,typeof t)}else(0,d.R)(39,typeof e)},m.setUserId=function(e){if("string"==typeof e||null===e)return N("enduser.id",e,"setUserId",!0);(0,d.R)(41,typeof e)},m.setApplicationVersion=function(e){if("string"==typeof e||null===e)return N("application.version",e,"setApplicationVersion",!1);(0,d.R)(42,typeof e)},m.start=()=>{try{(0,a.p)(f.xV,["API/start/called"],void 0,n.K7.metrics,w),w.emit("manual-start-all")}catch(e){(0,d.R)(23,e)}},m[p.G4.RECORD]=function(){(0,a.p)(f.xV,["API/recordReplay/called"],void 0,n.K7.metrics,w),(0,a.p)(p.G4.RECORD,[],void 0,n.K7.sessionReplay,w)},m[p.G4.PAUSE]=function(){(0,a.p)(f.xV,["API/pauseReplay/called"],void 0,n.K7.metrics,w),(0,a.p)(p.G4.PAUSE,[],void 0,n.K7.sessionReplay,w)},m.interaction=function(e){return(new k).get("object"==typeof e?e:{})};const T=k.prototype={createTracer:function(e,t){var r={},i=this,o="function"==typeof t;return(0,a.p)(f.xV,["API/createTracer/called"],void 0,n.K7.metrics,w),g||(0,a.p)(E+"tracer",[(0,v.t)(),e,r],i,n.K7.spa,w),function(){if(A.emit((o?"":"no-")+"fn-start",[(0,v.t)(),i,o],r),o)try{return t.apply(this,arguments)}catch(e){const t="string"==typeof e?new Error(e):e;throw A.emit("fn-err",[arguments,this,t],r),t}finally{A.emit("fn-end",[(0,v.t)()],r)}}}};function j(e,t,r,i){return function(){return(0,a.p)(f.xV,["API/"+t+"/called"],void 0,n.K7.metrics,w),i&&(0,a.p)(e+t,[r?(0,v.t)():performance.now(),...arguments],r?null:this,i,w),r?void 0:this}}function I(){r.e(296).then(r.bind(r,778)).then((({setAPI:t})=>{t(e),(0,c.Ze)(e,"api")})).catch((e=>{(0,d.R)(27,e),w.abort()}))}return["actionText","setName","setAttribute","save","ignore","onEnd","getContext","end","get"].forEach((e=>{T[e]=j(E,e,void 0,g?n.K7.softNav:n.K7.spa)})),m.setCurrentRouteName=g?j(E,"routeName",void 0,n.K7.softNav):j(R,"routeName",!0,n.K7.spa),m.noticeError=function(t,r){"string"==typeof t&&(t=new Error(t)),(0,a.p)(f.xV,["API/noticeError/called"],void 0,n.K7.metrics,w),(0,a.p)("err",[t,(0,v.t)(),!1,r,!!x[e]],void 0,n.K7.jserrors,w)},l.RI?(0,u.GG)((()=>I()),!0):I(),m}var k=r(217),T=r(122);const j={accountID:void 0,trustKey:void 0,agentID:void 0,licenseKey:void 0,applicationID:void 0,xpid:void 0},I={};var S=r(284);const O=e=>{const t=e.startsWith("http");e+="/",r.p=t?e:"https://"+e};let P=!1;function K(e,t={},r,n){let{init:a,info:c,loader_config:u,runtime:d={},exposed:f=!0}=t;d.loaderType=r;const p=(0,g.pV)();c||(a=p.init,c=p.info,u=p.loader_config),(0,k.xN)(e.agentIdentifier,a||{}),function(e,t){if(!e)throw new Error("All loader-config objects require an agent identifier!");I[e]=(0,T.a)(t,j);const r=(0,g.nY)(e);r&&(r.loader_config=I[e])}(e.agentIdentifier,u||{}),c.jsAttributes??={},l.bv&&(c.jsAttributes.isWorker=!0),(0,i.x1)(e.agentIdentifier,c);const m=(0,k.D0)(e.agentIdentifier),h=[c.beacon,c.errorBeacon];P||(m.proxy.assets&&(O(m.proxy.assets),h.push(m.proxy.assets)),m.proxy.beacon&&h.push(m.proxy.beacon),E(),(0,g.US)("activatedFeatures",S.B),e.runSoftNavOverSpa&&=!0===m.soft_navigations.enabled&&m.feature_flags.includes("soft_nav")),d.denyList=[...m.ajax.deny_list||[],...m.ajax.block_internal?h:[]],d.ptid=e.agentIdentifier,(0,o.V)(e.agentIdentifier,d),e.ee=s.ee.get(e.agentIdentifier),void 0===e.api&&(e.api=N(e.agentIdentifier,n,e.runSoftNavOverSpa)),void 0===e.exposed&&(e.exposed=f),P=!0}},374:(e,t,r)=>{r.nc=(()=>{try{return document?.currentScript?.nonce}catch(e){}return""})()},860:(e,t,r)=>{"use strict";r.d(t,{$J:()=>u,K7:()=>s,P3:()=>c,XX:()=>i,qY:()=>n,v4:()=>a});const n="events",i="jserrors",o="browser/blobs",a="rum",s={ajax:"ajax",genericEvents:"generic_events",jserrors:i,logging:"logging",metrics:"metrics",pageAction:"page_action",pageViewEvent:"page_view_event",pageViewTiming:"page_view_timing",sessionReplay:"session_replay",sessionTrace:"session_trace",softNav:"soft_navigations",spa:"spa"},c={[s.pageViewEvent]:1,[s.pageViewTiming]:2,[s.metrics]:3,[s.jserrors]:4,[s.spa]:5,[s.ajax]:6,[s.sessionTrace]:7,[s.softNav]:8,[s.sessionReplay]:9,[s.logging]:10,[s.genericEvents]:11},u={[s.pageViewEvent]:a,[s.pageViewTiming]:n,[s.ajax]:n,[s.spa]:n,[s.softNav]:n,[s.metrics]:i,[s.jserrors]:i,[s.sessionTrace]:o,[s.sessionReplay]:o,[s.logging]:"browser/logs",[s.genericEvents]:"ins"}}},n={};function i(e){var t=n[e];if(void 0!==t)return t.exports;var o=n[e]={exports:{}};return r[e](o,o.exports,i),o.exports}i.m=r,i.d=(e,t)=>{for(var r in t)i.o(t,r)&&!i.o(e,r)&&Object.defineProperty(e,r,{enumerable:!0,get:t[r]})},i.f={},i.e=e=>Promise.all(Object.keys(i.f).reduce(((t,r)=>(i.f[r](e,t),t)),[])),i.u=e=>"nr-rum-1.281.0.min.js",i.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),e={},t="NRBA-1.281.0.PROD:",i.l=(r,n,o,a)=>{if(e[r])e[r].push(n);else{var s,c;if(void 0!==o)for(var u=document.getElementsByTagName("script"),l=0;l<u.length;l++){var d=u[l];if(d.getAttribute("src")==r||d.getAttribute("data-webpack")==t+o){s=d;break}}if(!s){c=!0;var f={296:"sha512-zqOtfbjYsGTkQScey1O8Hh9fA1+m2RFxLpfv7BWqqTivgQ6iM13v6QJ4d5xykyDwx1GoMFmngC4SKpFn6VciYg=="};(s=document.createElement("script")).charset="utf-8",s.timeout=120,i.nc&&s.setAttribute("nonce",i.nc),s.setAttribute("data-webpack",t+o),s.src=r,0!==s.src.indexOf(window.location.origin+"/")&&(s.crossOrigin="anonymous"),f[a]&&(s.integrity=f[a])}e[r]=[n];var g=(t,n)=>{s.onerror=s.onload=null,clearTimeout(p);var i=e[r];if(delete e[r],s.parentNode&&s.parentNode.removeChild(s),i&&i.forEach((e=>e(n))),t)return t(n)},p=setTimeout(g.bind(null,void 0,{type:"timeout",target:s}),12e4);s.onerror=g.bind(null,s.onerror),s.onload=g.bind(null,s.onload),c&&document.head.appendChild(s)}},i.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},i.p="https://js-agent.newrelic.com/",(()=>{var e={374:0,840:0};i.f.j=(t,r)=>{var n=i.o(e,t)?e[t]:void 0;if(0!==n)if(n)r.push(n[2]);else{var o=new Promise(((r,i)=>n=e[t]=[r,i]));r.push(n[2]=o);var a=i.p+i.u(t),s=new Error;i.l(a,(r=>{if(i.o(e,t)&&(0!==(n=e[t])&&(e[t]=void 0),n)){var o=r&&("load"===r.type?"missing":r.type),a=r&&r.target&&r.target.src;s.message="Loading chunk "+t+" failed.\n("+o+": "+a+")",s.name="ChunkLoadError",s.type=o,s.request=a,n[1](s)}}),"chunk-"+t,t)}};var t=(t,r)=>{var n,o,[a,s,c]=r,u=0;if(a.some((t=>0!==e[t]))){for(n in s)i.o(s,n)&&(i.m[n]=s[n]);if(c)c(i)}for(t&&t(r);u<a.length;u++)o=a[u],i.o(e,o)&&e[o]&&e[o][0](),e[o]=0},r=self["webpackChunk:NRBA-1.281.0.PROD"]=self["webpackChunk:NRBA-1.281.0.PROD"]||[];r.forEach(t.bind(null,0)),r.push=t.bind(null,r.push.bind(r))})(),(()=>{"use strict";i(374);var e=i(944),t=i(344),r=i(566);class n{agentIdentifier;constructor(){this.agentIdentifier=(0,r.LA)(16)}#e(t,...r){if("function"==typeof this.api?.[t])return this.api[t](...r);(0,e.R)(35,t)}addPageAction(e,t){return this.#e("addPageAction",e,t)}recordCustomEvent(e,t){return this.#e("recordCustomEvent",e,t)}setPageViewName(e,t){return this.#e("setPageViewName",e,t)}setCustomAttribute(e,t,r){return this.#e("setCustomAttribute",e,t,r)}noticeError(e,t){return this.#e("noticeError",e,t)}setUserId(e){return this.#e("setUserId",e)}setApplicationVersion(e){return this.#e("setApplicationVersion",e)}setErrorHandler(e){return this.#e("setErrorHandler",e)}addRelease(e,t){return this.#e("addRelease",e,t)}log(e,t){return this.#e("log",e,t)}}class o extends n{#e(t,...r){if("function"==typeof this.api?.[t])return this.api[t](...r);(0,e.R)(35,t)}start(){return this.#e("start")}finished(e){return this.#e("finished",e)}recordReplay(){return this.#e(t.G4.RECORD)}pauseReplay(){return this.#e(t.G4.PAUSE)}addToTrace(e){return this.#e("addToTrace",e)}setCurrentRouteName(e){return this.#e("setCurrentRouteName",e)}interaction(){return this.#e("interaction")}wrapLogger(e,t,r){return this.#e("wrapLogger",e,t,r)}}var a=i(860),s=i(217);const c=Object.values(a.K7);function u(e){const t={};return c.forEach((r=>{t[r]=function(e,t){return!0===(0,s.gD)(t,"".concat(e,".enabled"))}(r,e)})),t}var l=i(603);var d=i(687),f=i(234),g=i(289),p=i(154),m=i(384);const h=e=>p.RI&&!0===(0,s.gD)(e,"privacy.cookies_enabled");function v(e){return!!(0,m.dV)().o.MO&&h(e)&&!0===(0,s.gD)(e,"session_trace.enabled")}var b=i(389);class y extends f.W{constructor(e,t,r=!0){super(e.agentIdentifier,t),this.auto=r,this.abortHandler=void 0,this.featAggregate=void 0,this.onAggregateImported=void 0,!1===e.init[this.featureName].autoStart&&(this.auto=!1),this.auto?(0,d.Ak)(e.agentIdentifier,t):this.ee.on("manual-start-all",(0,b.J)((()=>{(0,d.Ak)(e.agentIdentifier,this.featureName),this.auto=!0,this.importAggregator(e)})))}importAggregator(t,r={}){if(this.featAggregate||!this.auto)return;let n;this.onAggregateImported=new Promise((e=>{n=e}));const o=async()=>{let o;try{if(h(this.agentIdentifier)){const{setupAgentSession:e}=await i.e(296).then(i.bind(i,861));o=e(t)}}catch(t){(0,e.R)(20,t),this.ee.emit("internal-error",[t]),this.featureName===a.K7.sessionReplay&&this.abortHandler?.()}try{if(!this.#t(this.featureName,o))return(0,d.Ze)(this.agentIdentifier,this.featureName),void n(!1);const{lazyFeatureLoader:e}=await i.e(296).then(i.bind(i,103)),{Aggregate:a}=await e(this.featureName,"aggregate");this.featAggregate=new a(t,r),t.runtime.harvester.initializedAggregates.push(this.featAggregate),n(!0)}catch(t){(0,e.R)(34,t),this.abortHandler?.(),(0,d.Ze)(this.agentIdentifier,this.featureName,!0),n(!1),this.ee&&this.ee.abort()}};p.RI?(0,g.GG)((()=>o()),!0):o()}#t(e,t){switch(e){case a.K7.sessionReplay:return v(this.agentIdentifier)&&!!t;case a.K7.sessionTrace:return!!t;default:return!0}}}var w=i(630);class A extends y{static featureName=w.T;constructor(e,t=!0){super(e,w.T,t),this.importAggregator(e)}}var R=i(908),_=i(843),E=i(878),x=i(782),N=i(863);class k extends y{static featureName=x.T;constructor(e,t=!0){super(e,x.T,t),p.RI&&((0,_.u)((()=>(0,R.p)("docHidden",[(0,N.t)()],void 0,x.T,this.ee)),!0),(0,E.sp)("pagehide",(()=>(0,R.p)("winPagehide",[(0,N.t)()],void 0,x.T,this.ee))),this.importAggregator(e))}}var T=i(969);class j extends y{static featureName=T.TZ;constructor(e,t=!0){super(e,T.TZ,t),this.importAggregator(e)}}new class extends o{constructor(t){super(),p.gm?(this.features={},(0,m.bQ)(this.agentIdentifier,this),this.desiredFeatures=new Set(t.features||[]),this.desiredFeatures.add(A),this.runSoftNavOverSpa=[...this.desiredFeatures].some((e=>e.featureName===a.K7.softNav)),(0,l.j)(this,t,t.loaderType||"agent"),this.run()):(0,e.R)(21)}get config(){return{info:this.info,init:this.init,loader_config:this.loader_config,runtime:this.runtime}}run(){try{const t=u(this.agentIdentifier),r=[...this.desiredFeatures];r.sort(((e,t)=>a.P3[e.featureName]-a.P3[t.featureName])),r.forEach((r=>{if(!t[r.featureName]&&r.featureName!==a.K7.pageViewEvent)return;if(this.runSoftNavOverSpa&&r.featureName===a.K7.spa)return;if(!this.runSoftNavOverSpa&&r.featureName===a.K7.softNav)return;const n=function(e){switch(e){case a.K7.ajax:return[a.K7.jserrors];case a.K7.sessionTrace:return[a.K7.ajax,a.K7.pageViewEvent];case a.K7.sessionReplay:return[a.K7.sessionTrace];case a.K7.pageViewTiming:return[a.K7.pageViewEvent];default:return[]}}(r.featureName).filter((e=>!(e in this.features)));n.length>0&&(0,e.R)(36,{targetFeature:r.featureName,missingDependencies:n}),this.features[r.featureName]=new r(this)}))}catch(t){(0,e.R)(22,t);for(const e in this.features)this.features[e].abortHandler?.();const r=(0,m.Zm)();delete r.initializedAgents[this.agentIdentifier]?.api,delete r.initializedAgents[this.agentIdentifier]?.features,delete this.sharedAggregator;return r.ee.get(this.agentIdentifier).abort(),!1}}}({features:[A,k,j],loaderType:"lite"})})()})();</script><link data-next-font="size-adjust" rel="preconnect" href="/" crossorigin="anonymous"/><link nonce="nonce-ZjlkNWJjNjItNmZlNC00NDRjLTkxYWMtMmUzZDI4Mjk1Mjg1" rel="preload" href="/_next/static/css/92f230208c8f5fec.css" as="style"/><link nonce="nonce-ZjlkNWJjNjItNmZlNC00NDRjLTkxYWMtMmUzZDI4Mjk1Mjg1" rel="stylesheet" href="/_next/static/css/92f230208c8f5fec.css" data-n-g=""/><noscript data-n-css="nonce-ZjlkNWJjNjItNmZlNC00NDRjLTkxYWMtMmUzZDI4Mjk1Mjg1"></noscript><script defer="" nonce="nonce-ZjlkNWJjNjItNmZlNC00NDRjLTkxYWMtMmUzZDI4Mjk1Mjg1" nomodule="" src="/_next/static/chunks/polyfills-42372ed130431b0a.js"></script><script src="/_next/static/chunks/webpack-a707e99c69361791.js" nonce="nonce-ZjlkNWJjNjItNmZlNC00NDRjLTkxYWMtMmUzZDI4Mjk1Mjg1" defer=""></script><script src="/_next/static/chunks/framework-945b357d4a851f4b.js" nonce="nonce-ZjlkNWJjNjItNmZlNC00NDRjLTkxYWMtMmUzZDI4Mjk1Mjg1" defer=""></script><script src="/_next/static/chunks/main-61b32c80755bad6c.js" nonce="nonce-ZjlkNWJjNjItNmZlNC00NDRjLTkxYWMtMmUzZDI4Mjk1Mjg1" defer=""></script><script src="/_next/static/chunks/pages/_app-62aa0bf74fd1756c.js" nonce="nonce-ZjlkNWJjNjItNmZlNC00NDRjLTkxYWMtMmUzZDI4Mjk1Mjg1" defer=""></script><script src="/_next/static/chunks/4428-d0f4fdfbf9aa449e.js" nonce="nonce-ZjlkNWJjNjItNmZlNC00NDRjLTkxYWMtMmUzZDI4Mjk1Mjg1" defer=""></script><script src="/_next/static/chunks/pages/plugins/%5Btype%5D/families/%5Bfamily%5D-3b8d334bfb16339c.js" nonce="nonce-ZjlkNWJjNjItNmZlNC00NDRjLTkxYWMtMmUzZDI4Mjk1Mjg1" defer=""></script><script src="/_next/static/TgpC0GgDQiX0eP8wJ615X/_buildManifest.js" nonce="nonce-ZjlkNWJjNjItNmZlNC00NDRjLTkxYWMtMmUzZDI4Mjk1Mjg1" defer=""></script><script src="/_next/static/TgpC0GgDQiX0eP8wJ615X/_ssgManifest.js" nonce="nonce-ZjlkNWJjNjItNmZlNC00NDRjLTkxYWMtMmUzZDI4Mjk1Mjg1" defer=""></script></head><body data-base-url="https://www.tenable.com" data-ga4-tracking-id=""><div id="__next"><div class="app__wrapper"><header class="banner"><div class="nav-wrapper"><ul class="list-inline nav-brand"><li class="list-inline-item"><a href="https://www.tenable.com"><img class="logo" src="https://www.tenable.com/themes/custom/tenable/img/logo.png" alt="Tenable"/></a></li><li class="list-inline-item"><a class="app-name" href="https://www.tenable.com/plugins">Plugins</a></li></ul><ul class="nav-dropdown nav"><li class="d-none d-md-block dropdown nav-item"><a aria-haspopup="true" href="#" class="dropdown-toggle nav-link" aria-expanded="false">Settings</a><div tabindex="-1" role="menu" aria-hidden="true" class="dropdown-menu dropdown-menu-right"><h6 tabindex="-1" class="dropdown-header">Links</h6><a href="https://cloud.tenable.com" role="menuitem" class="dropdown-item">Tenable Cloud <i class="fas fa-external-link-alt external-link"></i></a><a href="https://community.tenable.com/login" role="menuitem" class="dropdown-item">Tenable Community & Support <i class="fas fa-external-link-alt external-link"></i></a><a href="https://university.tenable.com/lms/index.php?r=site/sso&sso_type=saml" role="menuitem" class="dropdown-item">Tenable University <i class="fas fa-external-link-alt external-link"></i></a><div tabindex="-1" class="dropdown-divider"></div><span tabindex="-1" class="dropdown-item-text"><div class="d-flex justify-content-between toggle-btn-group flex-column"><div class="label mb-2">Severity <i class="fas fa-info-circle" id="preferredSeverity"></i></div><div role="group" class="btn-group-sm btn-group"><button type="button" class="toggle-btn btn btn-outline-primary">VPR</button><button type="button" class="toggle-btn btn btn-outline-primary">CVSS v2</button><button type="button" class="toggle-btn btn btn-outline-primary">CVSS v3</button><button type="button" class="toggle-btn btn btn-outline-primary active">CVSS v4</button></div></div></span><div tabindex="-1" class="dropdown-divider"></div><span tabindex="-1" class="dropdown-item-text"><div class="d-flex justify-content-between toggle-btn-group flex-row"><div class="label">Theme</div><div role="group" class="ml-3 btn-group-sm btn-group"><button type="button" class="toggle-btn btn btn-outline-primary active">Light</button><button type="button" class="toggle-btn btn btn-outline-primary">Dark</button><button type="button" class="toggle-btn btn btn-outline-primary">Auto</button></div></div></span><div tabindex="-1" class="dropdown-divider"></div><button type="button" tabindex="0" role="menuitem" class="dropdown-item-link dropdown-item">Help</button></div></li></ul><div class="d-block d-md-none"><button type="button" aria-label="Toggle Overlay" class="btn btn-link nav-toggle"><i class="fas fa-bars fa-2x"></i></button></div></div></header><div class="mobile-nav closed"><ul class="flex-column nav"><li class="mobile-header nav-item"><a href="https://www.tenable.com" class="float-left nav-link"><img class="logo" src="https://www.tenable.com/themes/custom/tenable/img/logo-teal.png" alt="Tenable"/></a><a class="float-right mr-2 nav-link"><i class="fas fa-times fa-lg"></i></a></li><li class="nav-item"><a class="nav-link">Plugins<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/pipeline">Plugins Pipeline</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/newest">Newest</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/updated">Updated</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/search">Search</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/nessus/families?type=nessus">Nessus Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/was/families?type=was">WAS Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/nnm/families?type=nnm">NNM Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/lce/families?type=lce">LCE Families</a></li><li class="no-capitalize nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/ot/families?type=ot">Tenable OT Security Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/families/about">About Plugin Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/release-notes">Release Notes</a></li></div></div><li class="nav-item"><a class="nav-link">Audits<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/newest">Newest</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/updated">Updated</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/search">Search Audit Files</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/items/search">Search Items</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/references">References</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/authorities">Authorities</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/documentation">Documentation</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/downloads/download-all-compliance-audit-files">Download All Audit Files</a></li></div></div><li class="nav-item"><a class="nav-link">Indicators<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/indicators">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/indicators/search">Search</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/indicators/ioa">Indicators of Attack</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/indicators/ioe">Indicators of Exposure</a></li></div></div><li class="nav-item"><a class="nav-link">CVEs<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/cve">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/cve/newest">Newest</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/cve/updated">Updated</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/cve/search">Search</a></li></div></div><li class="nav-item"><a class="nav-link">Attack Path Techniques<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/attack-path-techniques">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/attack-path-techniques/search">Search</a></li></div></div><ul id="links-nav" class="flex-column mt-5 nav"><li class="nav-item"><a class="nav-link">Links<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a href="https://cloud.tenable.com" class="nav-link">Tenable Cloud</a></li><li class="nav-item"><a href="https://community.tenable.com/login" class="nav-link">Tenable Community & Support</a></li><li class="nav-item"><a href="https://university.tenable.com/lms/index.php?r=site/sso&sso_type=saml" class="nav-link">Tenable University</a></li></div></div><li class="nav-item"><a class="nav-link">Settings<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse py-3"><li class="nav-item"><div class="d-flex justify-content-between toggle-btn-group flex-column"><div class="label mb-2">Severity</div><div role="group" class="btn-group-sm btn-group"><button type="button" class="toggle-btn btn btn-outline-primary">VPR</button><button type="button" class="toggle-btn btn btn-outline-primary">CVSS v2</button><button type="button" class="toggle-btn btn btn-outline-primary">CVSS v3</button><button type="button" class="toggle-btn btn btn-outline-primary active">CVSS v4</button></div></div></li><li class="nav-item"><div class="d-flex justify-content-between toggle-btn-group flex-row"><div class="label">Theme</div><div role="group" class="ml-3 btn-group-sm btn-group"><button type="button" class="toggle-btn btn btn-outline-primary active">Light</button><button type="button" class="toggle-btn btn btn-outline-primary">Dark</button><button type="button" class="toggle-btn btn btn-outline-primary">Auto</button></div></div></li></div></div></ul></ul></div><div class="app__container"><div class="app__content"><div class="card callout callout-alert callout-bg-danger mb-4"><div class="card-body"><h5 class="mb-2 text-white">Your browser is no longer supported</h5><p class="text-white">Please update or use another browser for this application to function correctly.</p></div></div><div class="row"><div class="col-3 col-xl-2 d-none d-md-block"><h6 class="side-nav-heading">Detections</h6><ul class="side-nav bg-white sticky-top nav flex-column"><li class="nav-item"><a type="button" class="nav-link">Plugins<i class="float-right mt-1 fas fa-chevron-down"></i></a></li><div class="side-nav-collapse collapse show"><li class="false nav-item"><a href="/plugins" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/plugins/pipeline" class="nav-link"><span>Plugins Pipeline</span></a></li><li class="false nav-item"><a href="/plugins/release-notes" class="nav-link"><span>Release Notes</span></a></li><li class="false nav-item"><a href="/plugins/newest" class="nav-link"><span>Newest</span></a></li><li class="false nav-item"><a href="/plugins/updated" class="nav-link"><span>Updated</span></a></li><li class="false nav-item"><a href="/plugins/search" class="nav-link"><span>Search</span></a></li><li class="false nav-item"><a href="/plugins/nessus/families" class="nav-link"><span>Nessus Families</span></a></li><li class="false nav-item"><a href="/plugins/was/families" class="nav-link"><span>WAS Families</span></a></li><li class="false nav-item"><a href="/plugins/nnm/families" class="nav-link"><span>NNM Families</span></a></li><li class="false nav-item"><a href="/plugins/lce/families" class="nav-link"><span>LCE Families</span></a></li><li class="false nav-item"><a href="/plugins/ot/families" class="nav-link"><span>Tenable OT Security Families</span></a></li><li class="false nav-item"><a href="/plugins/families/about" class="nav-link"><span>About Plugin Families</span></a></li></div><li class="nav-item"><a type="button" class="nav-link">Audits<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="side-nav-collapse collapse"><li class="false nav-item"><a href="/audits" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/audits/newest" class="nav-link"><span>Newest</span></a></li><li class="false nav-item"><a href="/audits/updated" class="nav-link"><span>Updated</span></a></li><li class="false nav-item"><a href="/audits/search" class="nav-link"><span>Search Audit Files</span></a></li><li class="false nav-item"><a href="/audits/items/search" class="nav-link"><span>Search Items</span></a></li><li class="false nav-item"><a href="/audits/references" class="nav-link"><span>References</span></a></li><li class="false nav-item"><a href="/audits/authorities" class="nav-link"><span>Authorities</span></a></li><li class="false nav-item"><a href="/audits/documentation" class="nav-link"><span>Documentation</span></a></li><li class="nav-item"><a class="nav-link" href="https://www.tenable.com/downloads/download-all-compliance-audit-files">Download All Audit Files</a></li></div><li class="nav-item"><a type="button" class="nav-link">Indicators<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="side-nav-collapse collapse"><li class="false nav-item"><a href="/indicators" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/indicators/search" class="nav-link"><span>Search</span></a></li><li class="false nav-item"><a href="/indicators/ioa" class="nav-link"><span>Indicators of Attack</span></a></li><li class="false nav-item"><a href="/indicators/ioe" class="nav-link"><span>Indicators of Exposure</span></a></li></div></ul><h6 class="side-nav-heading">Analytics</h6><ul class="side-nav bg-white sticky-top nav flex-column"><li class="nav-item"><a type="button" class="nav-link">CVEs<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="side-nav-collapse collapse"><li class="false nav-item"><a href="/cve" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/cve/newest" class="nav-link"><span>Newest</span></a></li><li class="false nav-item"><a href="/cve/updated" class="nav-link"><span>Updated</span></a></li><li class="false nav-item"><a href="/cve/search" class="nav-link"><span>Search</span></a></li></div><li class="nav-item"><a type="button" class="nav-link">Attack Path Techniques<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="side-nav-collapse collapse"><li class="false nav-item"><a href="/attack-path-techniques" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/attack-path-techniques/search" class="nav-link"><span>Search</span></a></li></div></ul></div><div class="col-12 col-md-9 col-xl-10"><h1 class="mb-3 h2">SCADA Family for Nessus</h1><nav class="d-none d-md-block" aria-label="breadcrumb"><ol class="breadcrumb"><li class="breadcrumb-item"><a href="https://www.tenable.com/plugins">Plugins</a></li><li class="breadcrumb-item"><a href="https://www.tenable.com/plugins/nessus/families?type=nessus">Nessus Plugin Families</a></li><li class="active breadcrumb-item" aria-current="page">SCADA</li></ol></nav><nav class="d-md-none" aria-label="breadcrumb"><ol class="breadcrumb"><li class="breadcrumb-item"><a href="https://www.tenable.com/plugins/nessus/families?type=nessus"><i class="fas fa-chevron-left"></i> Nessus Plugin Families</a></li></ol></nav><div class="card"><div class="p-3 card-body"><nav class="" aria-label="pagination"><ul class="justify-content-between pagination pagination"><li class="page-item disabled"><a class="page-link page-previous" href="https://www.tenable.com/plugins/nessus/families/SCADA?page=0">‹‹ Previous<span class="sr-only"> Previous</span></a></li><li class="page-item disabled"><a class="page-link page-text">Page 1 of 10 <span class="d-none d-sm-inline">• 456 Total</span></a></li><li class="page-item"><a class="page-link page-next" href="https://www.tenable.com/plugins/nessus/families/SCADA?page=2"><span class="sr-only">Next</span>Next ››</a></li></ul></nav><div class="table-responsive"><table class="results-table table"><thead><tr><th>ID</th><th>Name</th><th>Severity</th></tr></thead><tbody><tr><td><a href="https://www.tenable.com/plugins/nessus/216263">216263</a></td><td>Siemens SIMATIC TIA Portal Session Expiration (SSA-342348)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/214704">214704</a></td><td>mySCADA PRO Manager Command Injection (CVE-2024-47407)</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/214703">214703</a></td><td>mySCADA PRO Manager Detection</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/214394">214394</a></td><td>CyberPower PowerPanel Business Restart DoS (CVE-2024-11322)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/213999">213999</a></td><td>Siemens User Management Component Heap-based Buffer Overflow (CVE-2024-49775</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/213047">213047</a></td><td>Siemens TeleControl Server Basic Deserialization RCE (CVE-2024-44102</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/213046">213046</a></td><td>Siemens TeleControl Server Basic Redundancy Server Detection</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211580">211580</a></td><td>Rockwell Automation ThinManager ThinServer Missing Authentication (CVE-2024-10386)</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/209673">209673</a></td><td>mySCADA myPro Hard-coded Telnet Password (CVE-2024-4708</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/208191">208191</a></td><td>Siemens User Management Component RIS Server Detection</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/208190">208190</a></td><td>Siemens User Management Component Heap-based Buffer Overflow (CVE-2024-33698</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/207521">207521</a></td><td>Rockwell FactoryTalk Batch View Installed (Windows)</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/207520">207520</a></td><td>Rockwell FactoryTalk Batch View < 3.00 Authentication Bypass</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/207349">207349</a></td><td>Schneider Electric Accutech Manager Server Detection</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/207348">207348</a></td><td>Schneider Electric Accutech Manager Stack Exhaustion (CVE-2024-6918)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/206206">206206</a></td><td>Johnson Controls exacqVision Client Installed (Linux)</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/206205">206205</a></td><td>Johnson Controls exacqVision Client Installed (Windows)</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/206204">206204</a></td><td>Johnson Controls exacqVision Client Installed (macOS)</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/206171">206171</a></td><td>KEPServerEX < 6.16.217.0 Denial of Service</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/205659">205659</a></td><td>Schneider Electric Accutech Manager Buffer Overflow</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/205658">205658</a></td><td>Schneider Electric Accutech Manager Buffer Overflow</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/205318">205318</a></td><td>Johnson Controls exacqVision Web Service < 24.06 Multiple Vulnerabilities</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/205317">205317</a></td><td>Johnson Controls ExacqVision Web Server < 24.04 Improper Certificate Validation (JCI-PSA-2024-18)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/205316">205316</a></td><td>Johnson Controls ExacqVision Web Server Inadequate Encryption Strength (JCI-PSA-2024-14)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/205315">205315</a></td><td>Johnson Controls exacqVision Web Server Installed (Windows)</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/201196">201196</a></td><td>Siemens Automation License Manager Path Traversal (CVE-2022-43514)</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/201195">201195</a></td><td>Siemens Automation License Manager Remote Detection</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/201036">201036</a></td><td>Rockwell Automation ThinManager ThinServer RCE (CVE-2024-5988)</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/200987">200987</a></td><td>Rockwell Automation ThinManager ThinServer SD1677 Multiple Vulnerabilites</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/200986">200986</a></td><td>Rockwell Automation ThinManager ThinServer Improper Input Validation (CVE-2024-5990)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/198230">198230</a></td><td>Rockwell Studio 5000 Logix Designer < V34 Code Hiding</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/197485">197485</a></td><td>CyberPower Power Device Network Utility Detection</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/197484">197484</a></td><td>CyberPower Power Device Network Utility Missing Authentication (CVE-2024-32735)</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/196950">196950</a></td><td>Rockwell FactoryTalk Historian < 9.01 DoS</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/196949">196949</a></td><td>Rockwell FactoryTalk Historian Installed (Windows)</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/193685">193685</a></td><td>Siemens SINEC NMS TFTP File Upload (CVE-2024-23811)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/192702">192702</a></td><td>Siemens Polarion ALM Detection</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/192107">192107</a></td><td>Milesight MilesightVPN Authentication Bypass (CVE-2023-22844)</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/192106">192106</a></td><td>Milesight MilesightVPN Detection</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/191096">191096</a></td><td>Rockwell FactoryTalk Services Platform < 2.74 Privilege Escalation</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/190220">190220</a></td><td>Delta Electronics DIAEnergie Hard-coded JWT Key (CVE-2022-3214)</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/189991">189991</a></td><td>Rockwell FactoryTalk Services Platform < 6.40 Authentication Bypass</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/189747">189747</a></td><td>CyberPower PowerPanel Enterprise Detection</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/189746">189746</a></td><td>CyberPower PowerPanel Enterprise Authentication Bypass (CVE-2023-3265)</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/189290">189290</a></td><td>Rockwell FactoryTalk Activation Manager < 4.02 Buffer Overflow</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/189289">189289</a></td><td>Rockwell FactoryTalk Activation Manager < 5.01 RCE</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/189288">189288</a></td><td>Rockwell FactoryTalk Activation Manager < 4.02 XSS</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/189287">189287</a></td><td>Rockwell FactoryTalk Activation Manager Installed (Windows)</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/189286">189286</a></td><td>Rockwell FactoryTalk Activation Manager < 4.01.00 Privilege Escalation</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/189258">189258</a></td><td>Rockwell FactoryTalk Services Platform 2.74 Authentication Bypass</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr></tbody></table></div><nav class="" aria-label="pagination"><ul class="justify-content-between pagination pagination"><li class="page-item disabled"><a class="page-link page-previous" href="https://www.tenable.com/plugins/nessus/families/SCADA?page=0">‹‹ Previous<span class="sr-only"> Previous</span></a></li><li class="page-item disabled"><a class="page-link page-text">Page 1 of 10 <span class="d-none d-sm-inline">• 456 Total</span></a></li><li class="page-item"><a class="page-link page-next" href="https://www.tenable.com/plugins/nessus/families/SCADA?page=2"><span class="sr-only">Next</span>Next ››</a></li></ul></nav></div></div></div></div></div></div><footer class="footer"><div class="container"><ul class="footer-nav"><li class="footer-nav-item"><a href="https://www.tenable.com/">Tenable.com</a></li><li class="footer-nav-item"><a href="https://community.tenable.com">Community & Support</a></li><li class="footer-nav-item"><a href="https://docs.tenable.com">Documentation</a></li><li class="footer-nav-item"><a href="https://university.tenable.com">Education</a></li></ul><ul class="footer-nav footer-nav-secondary"><li class="footer-nav-item">© 2025 Tenable®, Inc. All Rights Reserved</li><li class="footer-nav-item"><a href="https://www.tenable.com/privacy-policy">Privacy Policy</a></li><li class="footer-nav-item"><a href="https://www.tenable.com/legal">Legal</a></li><li class="footer-nav-item"><a href="https://www.tenable.com/section-508-voluntary-product-accessibility">508 Compliance</a></li></ul></div></footer><div class="Toastify"></div></div></div><script id="__NEXT_DATA__" type="application/json" nonce="nonce-ZjlkNWJjNjItNmZlNC00NDRjLTkxYWMtMmUzZDI4Mjk1Mjg1">{"props":{"pageProps":{"plugins":[{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"216263","_score":null,"_source":{"plugin_modification_date":"2025-02-14T00:00:00","references":[{"id_type":"IAVB","id":"2025-B-0022","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-45386","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45386"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/html/ssa-342348.html"}],"description":"The version of Siemens SIMATIC TIA Portal installed on the remote Windows host is affected by a vulnerability. Affected products do not correctly invalidate user sessions upon user logout. This could allow a remote unauthenticated attacker, who has obtained the session token by other means, to re-use a legitimate user's session even after logout.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Critical","script_id":"216263","available_languages":["en_US"],"synopsis":"The remote host is affected by a session expiration vulnerability.","script_name":"Siemens SIMATIC TIA Portal Session Expiration (SSA-342348)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Update to V19 Update 1 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2025-02-14T00:00:00","cvss":{"cvssv3_score":8.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":null,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":null,"cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"7.4","script_family":"SCADA","xrefs":{"IAVB":["2025-B-0022"]},"pluginPublicationDate":"2/14/2025","pluginModificationDate":"2/14/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"High","severity":"Critical"},"sort":[1739491200000,"216263"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"214704","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":"ICSA","id":"24-326-07","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-47407","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47407"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-24-326-07"}],"description":"The mySCADA PRO Manager running on the remote host is affected by a command injection vulnerability. An unauthenticated, remote attacker could exploit this, via a specially crafted message, to execute arbitrary OS commands with administrative privileges.","risk_factor":"Critical","script_id":"214704","available_languages":["en_US"],"synopsis":"An OT application is affected by a command injection vulnerability.","script_name":"mySCADA PRO Manager Command Injection (CVE-2024-47407)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update to version 9.1.3 or later.","plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2025-01-28T00:00:00","cvss":{"cvssv3_score":10,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":9.3,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":8.3,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:F/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:F/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"9.2","script_family":"SCADA","xrefs":{"ICSA":["24-326-07"]},"pluginPublicationDate":"1/28/2025","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Critical","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Critical","severity":"Critical"},"sort":[1738022400000,"214704"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"214703","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"https://www.myscada.org/mypro/"}],"description":"mySCADA PRO Manager is running on the remote host.","risk_factor":"Info","script_id":"214703","available_languages":["en_US"],"synopsis":"A web application is running on the remote host.","script_name":"mySCADA PRO Manager Detection","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2025-01-28T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"SCADA","xrefs":{},"pluginPublicationDate":"1/28/2025","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1738022400000,"214703"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"214394","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":"TRA","id":"TRA-2025-01","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-11322","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11322"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?46cca41c"}],"description":"The CyberPower PowerPanel Business running on the remote host is affected by a denial-of-service vulnerability. An unauthenticated, remote attacker can exploit this, via a specially crafted message, to restart the PowerPanel Business Service.","risk_factor":"High","script_id":"214394","available_languages":["en_US"],"synopsis":"A power management application is affected by a denial-of-service vulnerability.","script_name":"CyberPower PowerPanel Business Restart DoS (CVE-2024-11322)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to version 4.11.3 or later.","plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2025-01-20T00:00:00","cvss":{"cvssv3_score":7.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C","cvssv3_temporal_score":6.7,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:N/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":6.1,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.8,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"4.4","script_family":"SCADA","xrefs":{"TRA":["TRA-2025-01"]},"pluginPublicationDate":"1/20/2025","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1737331200000,"214394"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"213999","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":"TRA","id":"TRA-2024-49","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-49775","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49775"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/html/ssa-928984.html"}],"description":"The Siemens User Management Component (UMC) running on the remote host is affected by a heap-based buffer overflow vulnerability. An unauthenticated, remote attacker could exploit this, via a specially crafted message, to achieve remote code execution.","risk_factor":"Critical","script_id":"213999","available_languages":["en_US"],"synopsis":"An OT user management application is affected by a buffer overflow vulnerability.","script_name":"Siemens User Management Component Heap-based Buffer Overflow (CVE-2024-49775","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"See vendor advisory.","plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2025-01-13T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":8.8,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"SCADA","xrefs":{"TRA":["TRA-2024-49"]},"pluginPublicationDate":"1/13/2025","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Critical"},"sort":[1736726400000,"213999"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"213047","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":"TRA","id":"TRA-2024-46","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-44102","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44102"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/html/ssa-454789.html"}],"description":"The Siemens TeleControl Server Basic running on the remote host is affected by a deserialization vulnerability. An unauthenticated, remote attacker could exploit this, via a specially crafted message, to execute arbitrary code under the security context of SYSTEM.","risk_factor":"Critical","script_id":"213047","available_languages":["en_US"],"synopsis":"An OT application is affected by a deserialization vulnerability.","script_name":"Siemens TeleControl Server Basic Deserialization RCE (CVE-2024-44102","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update to version 3.1.2.1 or later.","plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2024-12-16T00:00:00","cvss":{"cvssv3_score":10,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":9,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"7.3","script_family":"SCADA","xrefs":{"TRA":["TRA-2024-46"]},"pluginPublicationDate":"12/16/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"High","severity":"Critical"},"sort":[1734307200000,"213047"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"213046","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109975921/"}],"description":"Siemens TeleControl Server Basic redundancy server is running on the remote host.","risk_factor":"Info","script_id":"213046","available_languages":["en_US"],"synopsis":"An OT application is running on the remote host.","script_name":"Siemens TeleControl Server Basic Redundancy Server Detection","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2024-12-16T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"SCADA","xrefs":{},"pluginPublicationDate":"12/16/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1734307200000,"213046"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211580","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":"TRA","id":"TRA-2024-43","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-10386","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10386"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?33720b2f"}],"description":"The Rockwell Automation ThinManager ThinServer running on the remote host is affected by a missing authentication vulnerability. An unauthenticated, remote attacker can exploit this, via specially crafted messages, to execute SQL statements on the ThinManager database.","risk_factor":"Critical","script_id":"211580","available_languages":["en_US"],"synopsis":"An OT application is affected by a missing authentication vulnerability.","script_name":"Rockwell Automation ThinManager ThinServer Missing Authentication (CVE-2024-10386)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Apply mitigations in the vendor advisory.","plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2024-11-19T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":8.8,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"SCADA","xrefs":{"TRA":["TRA-2024-43"]},"pluginPublicationDate":"11/19/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Critical"},"sort":[1731974400000,"211580"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"209673","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":"ZDI","id":"ZDI-24-1226","type":"vulnerability","url":null},{"id_type":"cve","id":"CVE-2024-4708","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4708"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-24-184-02"}],"description":"The mySCADA myPro running on the remote host is affected by a hard-coded password vulnerability. An unauthenticated, remote attacker could exploit this to telnet to myscadacom.exe.","risk_factor":"Critical","script_id":"209673","available_languages":["en_US"],"synopsis":"An OT application is affected by a hard-coded password vulnerability.","script_name":"mySCADA myPro Hard-coded Telnet Password (CVE-2024-4708","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Update to version 8.31.0 or later.","plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2024-10-25T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":8.8,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"SCADA","xrefs":{"ZDI":["ZDI-24-1226"]},"pluginPublicationDate":"10/25/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Critical"},"sort":[1729814400000,"209673"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"208191","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?d06bdb04"}],"description":"The Siemens User Management Component (UMC) RIS Server is running on the remote host.","risk_factor":"Info","script_id":"208191","available_languages":["en_US"],"synopsis":"An OT user management application is running on the remote host.","script_name":"Siemens User Management Component RIS Server Detection","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2024-10-04T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"SCADA","xrefs":{},"pluginPublicationDate":"10/4/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1728000000000,"208191"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"208190","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":"TRA","id":"TRA-2024-37","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-33698","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33698"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/html/ssa-039007.html"}],"description":"The Siemens User Management Component (UMC) running on the remote host is affected by a heap-based buffer overflow vulnerability. An unauthenticated, remote attacker could exploit this, via a specially crafted message, to achieve remote code execution.","risk_factor":"Critical","script_id":"208190","available_languages":["en_US"],"synopsis":"An OT user management application is affected by a buffer overflow vulnerability.","script_name":"Siemens User Management Component Heap-based Buffer Overflow (CVE-2024-33698","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Apply mitigations in the vendor advisory.","plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2024-10-04T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":8.8,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"SCADA","xrefs":{"TRA":["TRA-2024-37"]},"pluginPublicationDate":"10/4/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Critical"},"sort":[1728000000000,"208190"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"207521","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?801f41bb"}],"description":"Rockwell FactoryTalk Batch View is installed on the remote Windows host.","risk_factor":"Info","script_id":"207521","available_languages":["en_US"],"synopsis":"Rockwell FactoryTalk Batch View is installed on the remote Windows host.","script_name":"Rockwell FactoryTalk Batch View Installed (Windows)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-09-20T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"SCADA","xrefs":{},"pluginPublicationDate":"9/20/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1726790400000,"207521"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"207520","_score":null,"_source":{"plugin_modification_date":"2025-01-30T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0586-S","type":"advisory","url":null},{"id_type":"ICSA","id":"24-256-22","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-45823","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45823"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?7f447a14"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-24-256-22"}],"description":"The version of Rockwell FactoryTalk Batch View installed on the remote Windows host is prior to 3.00. It is, therefore, affected by a vulnerability.\n\n - An authentication bypass vulnerability exists in the affected product. The vulnerability exists due to shared secrets across accounts and could allow a threat actor to impersonate a user if the threat actor is able to enumerate additional information required during authentication. (CVE-2024-45823)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Critical","script_id":"207520","available_languages":["en_US"],"synopsis":"An application installed on the remote Windows host is affected by a vulnerability.","script_name":"Rockwell FactoryTalk Batch View \u003c 3.00 Authentication Bypass","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Rockwell FactoryTalk Batch View version 3.00 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-09-20T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv3_environmental_vector":null,"rating":null,"cvssv3_environmental_score":null,"source":null,"cvssv4_version":"4.0","cvssv2_temporal_vector":null,"cvssv2_score":10,"cvssv3_version":"3.0","cvssv2_temporal_vector_base":null,"cvssv4_score":9.2,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":8.5,"cvssv4_vector_base":"AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","cvssv2_temporal_score":7.4,"cvssv2_environmental_score":null,"cvssv4_threat_vector":"CVSS:4.0/E:U","cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv4_threat_score":7.2,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":"Critical"},"vpr_score":"5.9","script_family":"SCADA","xrefs":{"IAVA":["2024-A-0586-S"],"ICSA":["24-256-22"]},"pluginPublicationDate":"9/20/2024","pluginModificationDate":"1/30/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":"Critical","vprSeverity":"Medium","severity":"Critical"},"sort":[1726790400000,"207520"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"207349","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?4f8b9c0b"}],"description":"Schneider Electric Accutech Manager Server is running on the remote host.","risk_factor":"Info","script_id":"207349","available_languages":["en_US"],"synopsis":"A management software for wireless OT devices is running on the remote host.","script_name":"Schneider Electric Accutech Manager Server Detection","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2024-09-17T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"SCADA","xrefs":{},"pluginPublicationDate":"9/17/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1726531200000,"207349"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"207348","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":"TRA","id":"TRA-2024-29","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-6918","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6918"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?869d9a81"}],"description":"The Schneider Electric Accutech Manager server running on the remote host is affected by a stack exhaustion vulnerability due to the lack of proper validation of a user-supplied data. An unauthenticated, remote attacker can exploit this, via a specially crafted message, to terminate the process.","risk_factor":"Medium","script_id":"207348","available_languages":["en_US"],"synopsis":"An OT application is affected by a stack exhaustion vulnerability.","script_name":"Schneider Electric Accutech Manager Stack Exhaustion (CVE-2024-6918)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to version 2.10.0 or later.","plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2024-09-17T00:00:00","cvss":{"cvssv3_score":7.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P","cvssv3_temporal_score":6.7,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3.9,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":5,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"SCADA","xrefs":{"TRA":["TRA-2024-29"]},"pluginPublicationDate":"9/17/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1726531200000,"207348"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"206206","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"https://www.exacq.com/"}],"description":"Johnson Controls exacqVision Client is installed on the remote Linux host.","risk_factor":"Info","script_id":"206206","available_languages":["en_US"],"synopsis":"Johnson Controls exacqVision Client is installed on the remote Linux host.","script_name":"Johnson Controls exacqVision Client Installed (Linux)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-08-26T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"SCADA","xrefs":{},"pluginPublicationDate":"8/26/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1724630400000,"206206"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"206205","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"https://www.exacq.com/"}],"description":"Johnson Controls exacqVision Client is installed on the remote Windows host.","risk_factor":"Info","script_id":"206205","available_languages":["en_US"],"synopsis":"Johnson Controls exacqVision Client is installed on the remote Windows host.","script_name":"Johnson Controls exacqVision Client Installed (Windows)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-08-26T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"SCADA","xrefs":{},"pluginPublicationDate":"8/26/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1724630400000,"206205"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"206204","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"https://www.exacq.com/"}],"description":"Johnson Controls exacqVision Client is installed on the remote macOS host.","risk_factor":"Info","script_id":"206204","available_languages":["en_US"],"synopsis":"Johnson Controls exacqVision Client is installed on the remote macOS host.","script_name":"Johnson Controls exacqVision Client Installed (macOS)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-08-26T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"SCADA","xrefs":{},"pluginPublicationDate":"8/26/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1724630400000,"206204"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"206171","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":"IAVB","id":"2024-B-0120","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-6098","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6098"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.ptc.com/en/support/article/CS423892"}],"description":"The remote host has a version of KEPServerEX installed that is affected by a denial of service vulnerability. When performing an online tag generation to devices which communicate using the ControlLogix protocol, a machine-in-the-middle, or a device that is not configured correctly, could deliver a response leading to unrestricted or unregulated resource allocation. This could cause a denial-of-service condition and crash the Kepware application. By default, these functions are turned off, yet they remain accessible for users who recognize and require their advantages.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"206171","available_languages":["en_US"],"synopsis":"The remote host has software that is affected by a denial of service vulnerability.","script_name":"KEPServerEX \u003c 6.16.217.0 Denial of Service","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Upgrade KEPServerEX to version 6.16.217.0 or higher.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-08-23T00:00:00","cvss":{"cvssv3_score":5.3,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:A/AC:H/Au:N/C:N/I:N/A:C","cvssv3_temporal_score":4.6,"rating":null,"cvssv2_vector_base":"AV:A/AC:H/Au:N/C:N/I:N/A:C","cvssv3_vector_base":"AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.6,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"SCADA","xrefs":{"IAVB":["2024-B-0120"]},"pluginPublicationDate":"8/23/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1724371200000,"206171"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"205659","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":"cve","id":"CVE-2023-29414","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29414"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?92666af7"}],"description":"The remote host has a version of Schneider Electric Accutech Manager installed that is affected by a buffer overflow vulnerability exists that could cause user privilege escalation if a local user sends specific string input to a local function call.","risk_factor":"Medium","script_id":"205659","available_languages":["en_US"],"synopsis":"The remote host is affected by a buffer overflow vulnerability.","script_name":"Schneider Electric Accutech Manager Buffer Overflow","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Schneider Electric Accutech Manager 2.8 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-08-16T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":6.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.8,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"SCADA","xrefs":{},"pluginPublicationDate":"8/16/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1723766400000,"205659"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"205658","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":"cve","id":"CVE-2024-6918","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6918"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?869d9a81"}],"description":"The remote host has a version of Schneider Electric Accutech Manager installed that is affected by a buffer overflow vulnerability exists that could cause user privilege escalation if a local user sends specific string input to a local function call.","risk_factor":"High","script_id":"205658","available_languages":["en_US"],"synopsis":"The remote host is affected by a buffer overflow vulnerability.","script_name":"Schneider Electric Accutech Manager Buffer Overflow","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Schneider Electric Accutech Manager 2.10.0 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-08-16T00:00:00","cvss":{"cvssv3_score":7.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C","cvssv3_temporal_score":6.5,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:N/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.8,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"SCADA","xrefs":{},"pluginPublicationDate":"8/16/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Low","severity":"High"},"sort":[1723766400000,"205658"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"205318","_score":null,"_source":{"plugin_modification_date":"2024-08-12T00:00:00","references":[{"id_type":"ICSA","id":"24-214-02","type":"advisory","url":null},{"id_type":"ICSA","id":"24-214-03","type":"advisory","url":null},{"id_type":"ICSA","id":"24-214-04","type":"advisory","url":null},{"id_type":"ICSA","id":"24-214-06","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-32862","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32862"},{"id_type":"cve","id":"CVE-2024-32863","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32863"},{"id_type":"cve","id":"CVE-2024-32864","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32864"},{"id_type":"cve","id":"CVE-2024-32931","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32931"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?add56de2"}],"description":"The version of the Johnson Controls exacqVision Web Service running on the remote host is prior to 24.03. It is, therefore, affected by multiple vulnerabilities.\n\n - Under certain circumstances the exacqVision Web Services does not provide sufficient protection from untrusted domains. (CVE-2024-32862)\n\n - Under certain circumstances the exacqVision Web Services may be susceptible to Cross-Site Request Forgery (CSRF). (CVE-2024-32863)\n\n - Under certain circumstances the exacqVision Web Services will not enforce secure web communications (HTTPS). (CVE-2024-32864)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Critical","script_id":"205318","available_languages":["en_US"],"synopsis":"A web application for video management is affected by multiple vulnerabilities.","script_name":"Johnson Controls exacqVision Web Service \u003c 24.06 Multiple Vulnerabilities","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Upgrade exacqVision Web Service to version 24.06 or later.","plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2024-08-09T00:00:00","cvss":{"cvssv3_score":8.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":7.7,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"SCADA","xrefs":{"ICSA":["24-214-02","24-214-03","24-214-04","24-214-06"]},"pluginPublicationDate":"8/9/2024","pluginModificationDate":"8/12/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Critical"},"sort":[1723161600000,"205318"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"205317","_score":null,"_source":{"plugin_modification_date":"2024-08-26T00:00:00","references":[{"id_type":"IAVB","id":"2024-B-0104","type":"advisory","url":null},{"id_type":"ICSA","id":"24-214-05","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-32865","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32865"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?add56de2"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?1c3d6654"}],"description":"The version of the Johnson Controls exacqVision Web Server running on the remote host is prior to 24.04. It is, therefore, affected by a certificate validation vulnerability. Under certain circumstances the exacqVision Server will not properly validate TLS certificates provided by connected devices.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"205317","available_languages":["en_US"],"synopsis":"A web server running on the remote host is affected by a certificate validation vulnerability.","script_name":"Johnson Controls ExacqVision Web Server \u003c 24.04 Improper Certificate Validation (JCI-PSA-2024-18)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Upgrade exacqVision Web Service to version 24.06 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-08-09T00:00:00","cvss":{"cvssv3_score":7.3,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:N","cvssv3_temporal_score":6.4,"rating":null,"cvssv2_vector_base":"AV:A/AC:L/Au:N/C:C/I:C/A:N","cvssv3_vector_base":"AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N","cvssv4_vector":null,"cvssv2_temporal_score":5.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.8,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"5.2","script_family":"SCADA","xrefs":{"IAVB":["2024-B-0104"],"ICSA":["24-214-05"]},"pluginPublicationDate":"8/9/2024","pluginModificationDate":"8/26/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1723161600000,"205317"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"205316","_score":null,"_source":{"plugin_modification_date":"2024-08-26T00:00:00","references":[{"id_type":"IAVB","id":"2024-B-0104","type":"advisory","url":null},{"id_type":"ICSA","id":"24-214-01","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-32758","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32758"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?add56de2"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?d26e725d"}],"description":"The version of the Johnson Controls exacqVision Web Server running on the remote host is affected by an inadequate encryption strength vulnerability. Under certain circumstances the communication between exacqVision Client and exacqVision Server will use insufficient key length and exchange.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"205316","available_languages":["en_US"],"synopsis":"A web server running on the remote host is affected by an inadequate encryption strength vulnerability.","script_name":"Johnson Controls ExacqVision Web Server Inadequate Encryption Strength (JCI-PSA-2024-14)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"See vendor advisory.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-08-09T00:00:00","cvss":{"cvssv3_score":7.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N","cvssv3_temporal_score":6.5,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:N/A:N","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvssv4_vector":null,"cvssv2_temporal_score":5.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.8,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"SCADA","xrefs":{"IAVB":["2024-B-0104"],"ICSA":["24-214-01"]},"pluginPublicationDate":"8/9/2024","pluginModificationDate":"8/26/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Low","severity":"High"},"sort":[1723161600000,"205316"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"205315","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"https://www.exacq.com/"}],"description":"The Johnson Controls exacqVision Web Server is installed on the remote Windows host.","risk_factor":"Info","script_id":"205315","available_languages":["en_US"],"synopsis":"The Johnson Controls exacqVision Web Server is installed on the remote Windows host.","script_name":"Johnson Controls exacqVision Web Server Installed (Windows)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-08-09T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"SCADA","xrefs":{},"pluginPublicationDate":"8/9/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1723161600000,"205315"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"201196","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":"cve","id":"CVE-2022-43514","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43514"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?0d3e98a3"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?963b81ec"}],"description":"The Siemens Automation License Manager (ALM) running on the remote host is affected by a path traversal vulnerability. An unauthenticated, remote attacker could exploit this to upload arbitrary files to any folder on the remote host.","risk_factor":"Critical","script_id":"201196","available_languages":["en_US"],"synopsis":"A license management application is affected by a path traversal vulnerability.","script_name":"Siemens Automation License Manager Path Traversal (CVE-2022-43514)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Apply mitigation in the vendor advisory.","plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2024-07-01T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":8.8,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"SCADA","xrefs":{},"pluginPublicationDate":"7/1/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Critical"},"sort":[1719792000000,"201196"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"201195","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?3f7a786b"}],"description":"The Siemens Automation License Manager is running on the remote host.","risk_factor":"Info","script_id":"201195","available_languages":["en_US"],"synopsis":"A license management application is running on the remote host.","script_name":"Siemens Automation License Manager Remote Detection","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2024-07-01T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"SCADA","xrefs":{},"pluginPublicationDate":"7/1/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1719792000000,"201195"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"201036","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":"TRA","id":"TRA-2024-24","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-5988","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5988"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?cbdb422a"}],"description":"The Rockwell Automation ThinManager ThinServer running on the remote host is affected by a remote code execution vulnerability. An unauthenticated, remote attacker can exploit this, via specially crafted messages, to execute arbitrary code with SYSTEM privileges.","risk_factor":"Critical","script_id":"201036","available_languages":["en_US"],"synopsis":"An OT application is affected by a remote code execution vulnerability.","script_name":"Rockwell Automation ThinManager ThinServer RCE (CVE-2024-5988)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Apply mitigations in the vendor advisory.","plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2024-06-26T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":8.8,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"SCADA","xrefs":{"TRA":["TRA-2024-24"]},"pluginPublicationDate":"6/26/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Critical"},"sort":[1719360000000,"201036"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"200987","_score":null,"_source":{"plugin_modification_date":"2024-10-23T00:00:00","references":[{"id_type":"cve","id":"CVE-2024-5988","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5988"},{"id_type":"cve","id":"CVE-2024-5989","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5989"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?cbdb422a"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.tenable.com/security/research/tra-2024-24"}],"thorough_tests":true,"description":"The version of Rockwell Automation ThinManager ThinServer installed on the remote host is 11.1.x prior to 11.1.8, 11.2.x prior to 11.2.9, 12.0.x prior to 12.0.7, 12.1.x prior to 12.1.8, 13.0.x prior to 13.0.5, 13.1.x prior to 13.1.3 or 13.2.x prior to 13.2.2. It is therefore, affected by mutliple vulnerabilities:\n\n - Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke a local or remote executable and cause a remote code execution condition on the affected device. (CVE-2024-5988)\n\n - Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke SQL injection into the program and cause a remote code execution condition on the affected device. (CVE-2024-5989) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"Critical","script_id":"200987","available_languages":["en_US"],"synopsis":"The Rockwell Automation ThinManager/ThinServer is affected by multiple vulnerabilities.","script_name":"Rockwell Automation ThinManager ThinServer SD1677 Multiple Vulnerabilites","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Rockwell Automation ThinManager ThinServer 11.1.8, 11.2.9, 12.0.7, 12.1.8, 13.0.5, 13.1.3, 13.2.2 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-06-25T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":8.5,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"SCADA","xrefs":{},"pluginPublicationDate":"6/25/2024","pluginModificationDate":"10/23/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":["pluginDetailsConfigurationThoroughTests"],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Critical"},"sort":[1719273600000,"200987"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"200986","_score":null,"_source":{"plugin_modification_date":"2024-10-23T00:00:00","references":[{"id_type":"cve","id":"CVE-2024-5990","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5990"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?cbdb422a"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.tenable.com/security/research/tra-2024-24"}],"thorough_tests":true,"description":"The version of Rockwell Automation ThinManager ThinServer installed on the remote host is 11.1.x prior to 11.1.8, 11.2.x prior to 11.2.9, 12.0.x prior to 12.0.7, 12.1.x prior to 12.1.8, 13.0.x prior to 13.0.4, 13.1.x prior to 13.1.2.\nIt is therefore, affected by an improper input validation vulnerability:\n\n - Due to an improper input validation, an unauthenticated threat actor can send a malicious message to a monitor thread within ThinServer and cause a denial-of-service condition on the affected device. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"200986","available_languages":["en_US"],"synopsis":"The Rockwell Automation ThinManager/ThinServer is affected by an improper input validation vulnerability.","script_name":"Rockwell Automation ThinManager ThinServer Improper Input Validation (CVE-2024-5990)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Rockwell Automation ThinManager ThinServer 11.1.8, 11.2.9, 12.0.7, 12.1.8, 13.0.4, 13.1.2 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-06-25T00:00:00","cvss":{"cvssv3_score":7.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C","cvssv3_temporal_score":6.5,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:N/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.8,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"SCADA","xrefs":{},"pluginPublicationDate":"6/25/2024","pluginModificationDate":"10/23/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":["pluginDetailsConfigurationThoroughTests"],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Low","severity":"High"},"sort":[1719273600000,"200986"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"198230","_score":null,"_source":{"plugin_modification_date":"2024-06-03T00:00:00","references":[{"id_type":"IAVB","id":"2024-B-0067","type":"advisory","url":null},{"id_type":"ICSA","id":"22-090-07","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-1159","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1159"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-22-090-07"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?7c944bfe"}],"description":"The version of Rockwell Studio 5000 Logix Designer installed on the remote Windows host is prior to V34. It is, therefore, affected by a vulnerability.\n\n - An attacker who achieves administrator access on a workstation running Studio 5000 Logix Designer could inject controller code undetectable to a user. (CVE-2022-1159)\n\nThis plugin requires paranoia because it cannot test for all mitigations.\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"198230","available_languages":["en_US"],"synopsis":"An application installed on the remote Windows host is affected by a vulnerability.","script_name":"Rockwell Studio 5000 Logix Designer \u003c V34 Code Hiding","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Rockwell Studio 5000 Logix Designer to V34 or later and refer to vendor advisory for additional mitigations. Note that upgrading does not directly address the issue, but Rockwell notes additional steps you can take to mitigate the issue, including upgrading the controller firmware and utilizing compare tools to ensure the integrity of your programs.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-05-31T00:00:00","cvss":{"cvssv3_score":7.2,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P","cvssv3_temporal_score":6.3,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:S/C:P/I:P/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":4.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.5,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"SCADA","xrefs":{"IAVB":["2024-B-0067"],"ICSA":["22-090-07"]},"pluginPublicationDate":"5/31/2024","pluginModificationDate":"6/3/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1717113600000,"198230"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"197485","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"https://www.cyberpowersystems.com/products/software/utilities/"}],"description":"CyberPower Power Device Network Utility (PDNU) is running on the remote host.","risk_factor":"Info","script_id":"197485","available_languages":["en_US"],"synopsis":"A device power management application is running on the remote host.","script_name":"CyberPower Power Device Network Utility Detection","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2024-05-17T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"SCADA","xrefs":{},"pluginPublicationDate":"5/17/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1715904000000,"197485"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"197484","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":"TRA","id":"TRA-2024-14","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-32735","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32735"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?98a2e9c9"}],"description":"The CyberPower Power Device Network Utility (PDNU) running on the remote host is affected by a missing authentication vulnerability. An unauthenticated, remote attacker can exploit this, via specially crafted messages, to access critical functions of the application.","risk_factor":"High","script_id":"197484","available_languages":["en_US"],"synopsis":"A device power management application is missing authentication for critical functions.","script_name":"CyberPower Power Device Network Utility Missing Authentication (CVE-2024-32735)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to PowerPanel Enterprise v2.8.3 / PDNU v2.1.3 or later.","plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2024-05-17T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_temporal_score":8.5,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.5,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"SCADA","xrefs":{"TRA":["TRA-2024-14"]},"pluginPublicationDate":"5/17/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1715904000000,"197484"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"196950","_score":null,"_source":{"plugin_modification_date":"2024-10-23T00:00:00","references":[{"id_type":"ICSA","id":"24-130-01","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2023-31274","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31274"},{"id_type":"cve","id":"CVE-2023-34348","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34348"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-24-130-01"}],"thorough_tests":true,"description":"The version of Rockwell FactoryTalk Historian installed on the remote Windows host is prior to 9.01. It is, therefore, affected by a vulnerability.\n\n - FactoryTalk Historian SE utilizes the AVEVA PI Server, which contains a vulnerability that could allow an unauthenticated user to cause a partial denial-of-service condition in the PI Message Subsystem of a PI Server by consuming available memory. This vulnerability exists in FactoryTalk Historian SE versions 9.0 and earlier. Exploitation of this vulnerability could cause FactoryTalk Historian SE to become unavailable, requiring a power cycle to recover it. (CVE-2023-31274)\n\n - FactoryTalk Historian SE uses the AVEVA PI Server, which contains a vulnerability that could allow an unauthenticated user to remotely crash the PI Message Subsystem of a PI Server, resulting in a denial-of-service condition. This vulnerability exists in FactoryTalk Historian SE versions 9.0 and earlier. Exploitation of this vulnerability could cause FactoryTalk Historian SE to become unavailable, requiring a power cycle to recover it.\n (CVE-2023-34348)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"196950","available_languages":["en_US"],"synopsis":"An application installed on the remote Windows host is affected by a vulnerability.","script_name":"Rockwell FactoryTalk Historian \u003c 9.01 DoS","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Rockwell FactoryTalk Historian version 9.01 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-05-14T00:00:00","cvss":{"cvssv3_score":7.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C","cvssv3_temporal_score":6.5,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:N/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.8,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"SCADA","xrefs":{"ICSA":["24-130-01"]},"pluginPublicationDate":"5/14/2024","pluginModificationDate":"10/23/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":["pluginDetailsConfigurationThoroughTests"],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Low","severity":"High"},"sort":[1715644800000,"196950"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"196949","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[],"thorough_tests":true,"description":"Rockwell FactoryTalk Historian is installed on the remote Windows host.","risk_factor":"Info","script_id":"196949","available_languages":["en_US"],"synopsis":"Rockwell FactoryTalk Historian is installed on the remote Windows host.","script_name":"Rockwell FactoryTalk Historian Installed (Windows)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-05-14T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"SCADA","xrefs":{},"pluginPublicationDate":"5/14/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":["pluginDetailsConfigurationThoroughTests"],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1715644800000,"196949"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"193685","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":"cve","id":"CVE-2024-23811","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23811"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/html/ssa-943925.html"}],"description":"The Siemens SINEC NMS running on the remote host is affected by a file upload vulnerability. An unauthenticated, remote attacker can exploit this, via a specially crafted TFTP message, to upload malicious files that could potentially lead to remote code execution.","risk_factor":"High","script_id":"193685","available_languages":["en_US"],"synopsis":"An OT application is affected by a file upload vulnerability.","script_name":"Siemens SINEC NMS TFTP File Upload (CVE-2024-23811)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to V2.0 SP1 or later.","plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2024-04-22T00:00:00","cvss":{"cvssv3_score":8.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":7.9,"rating":null,"cvssv2_vector_base":"AV:A/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":6.5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":8.3,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"SCADA","xrefs":{},"pluginPublicationDate":"4/22/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1713744000000,"193685"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"192702","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"https://polarion.plm.automation.siemens.com/products/polarion-alm"}],"description":"The Siemens Polarion ALM, an application lifecycle management software, is running on the remote host.","risk_factor":"Info","script_id":"192702","available_languages":["en_US"],"synopsis":"An application lifecycle management software is running on the remote host.","script_name":"Siemens Polarion ALM Detection","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2024-03-29T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"SCADA","xrefs":{},"pluginPublicationDate":"3/29/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1711670400000,"192702"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"192107","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":"cve","id":"CVE-2023-22844","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22844"},{"id_type":null,"id":null,"type":"unknown","url":"https://talosintelligence.com/vulnerability_reports/TALOS-2023-1700"}],"description":"The Milesight MilesightVPN running on the remote host is affected by an authentication bypass vulnerability. An unauthenticated, remote attacker can exploit this, via a specially crafted message, to access protected resources.","risk_factor":"Critical","script_id":"192107","available_languages":["en_US"],"synopsis":"A secure communication application is affected by an authentication bypass vulnerability.","script_name":"Milesight MilesightVPN Authentication Bypass (CVE-2023-22844)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to v2.0.3 or later.","plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2024-03-14T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":8.8,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"SCADA","xrefs":{},"pluginPublicationDate":"3/14/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Critical"},"sort":[1710374400000,"192107"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"192106","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"https://www.milesight.com/iot/product/milesightvpn"}],"description":"The Milesight MilesightVPN, a secure communication application, is running on the remote host.","risk_factor":"Info","script_id":"192106","available_languages":["en_US"],"synopsis":"A secure communication application is running on the remote host.","script_name":"Milesight MilesightVPN Detection","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2024-03-14T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"SCADA","xrefs":{},"pluginPublicationDate":"3/14/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1710374400000,"192106"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"191096","_score":null,"_source":{"plugin_modification_date":"2024-12-16T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0317","type":"advisory","url":null},{"id_type":"ICSA","id":"24-046-16","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-21915","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21915"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-16"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.rockwellautomation.com/en-us/support/advisory.SD1662.html"}],"description":"The version of Rockwell FactoryTalk Services Platform installed on the remote Windows host is less than 2.74. It is, therefore, affected by a vulnerability.\n\n - A privilege escalation vulnerability exists in FactoryTalk® Service Platform (FTSP). If exploited, a malicious user with basic user group privileges could potentially sign into the software and receive FTSP Administrator Group privileges. A threat actor could potentially read and modify sensitive data, delete data and render the FTSP system unavailable. (CVE-2024-21915)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"191096","available_languages":["en_US"],"synopsis":"An application installed on the remote Windows host is affected by a vulnerability.","script_name":"Rockwell FactoryTalk Services Platform \u003c 2.74 Privilege Escalation","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Rockwell FactoryTalk Services Platform version 2.74 or later or refer to the vendor advisory for other mitigations.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-02-28T00:00:00","cvss":{"cvssv3_score":8.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":7.7,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":6.7,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":9,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"SCADA","xrefs":{"IAVA":["2024-A-0317"],"ICSA":["24-046-16"]},"pluginPublicationDate":"2/28/2024","pluginModificationDate":"12/16/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1709078400000,"191096"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"190220","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":"ICSA","id":"22-256-03","type":"advisory","url":null},{"id_type":"ZDI","id":"ZDI-22-1453","type":"vulnerability","url":null},{"id_type":"ZDI","id":"ZDI-23-1529","type":"vulnerability","url":null},{"id_type":"cve","id":"CVE-2022-3214","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3214"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-22-256-03"}],"description":"The Delta Electronics DIAEnergie running on the remote host is affected by an authentication bypass vulnerability. An unauthenticated, remote attacker can exploit this, via a specially crafted message, to bypass access control to login to the application.","risk_factor":"Critical","script_id":"190220","available_languages":["en_US"],"synopsis":"An OT application is affected by an authentication bypass vulnerability.","script_name":"Delta Electronics DIAEnergie Hard-coded JWT Key (CVE-2022-3214)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Upgrade DIAEnergie to version 1.9.03.009 or later.","plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2024-02-08T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":8.8,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"SCADA","xrefs":{"ICSA":["22-256-03"],"ZDI":["ZDI-22-1453","ZDI-23-1529"]},"pluginPublicationDate":"2/8/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Critical"},"sort":[1707350400000,"190220"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"189991","_score":null,"_source":{"plugin_modification_date":"2024-05-31T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0317","type":"advisory","url":null},{"id_type":"ICSA","id":"24-030-06","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-21917","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21917"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-24-030-06"}],"description":"The version of Rockwell FactoryTalk Services Platform installed on the remote Windows host is prior to 6.40. It is, therefore, affected by a vulnerability.\n\n - A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. This is due to the lack of digital signing between the FTSP service token and directory. If exploited, a malicious user could potentially retrieve user information and modify settings without any authentication. (CVE-2024-21917)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"189991","available_languages":["en_US"],"synopsis":"An application installed on the remote Windows host is affected by a vulnerability.","script_name":"Rockwell FactoryTalk Services Platform \u003c 6.40 Authentication Bypass","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Rockwell FactoryTalk Services Platform version 6.40 or later or refer to the vendor advisory for other mitigations.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-02-05T00:00:00","cvss":{"cvssv3_score":9.1,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N","cvssv3_temporal_score":7.9,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:N","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvssv4_vector":null,"cvssv2_temporal_score":7,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":9.4,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"5.2","script_family":"SCADA","xrefs":{"IAVA":["2024-A-0317"],"ICSA":["24-030-06"]},"pluginPublicationDate":"2/5/2024","pluginModificationDate":"5/31/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1707091200000,"189991"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"189747","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?7a1358cd"}],"description":"The CyberPower PowerPanel Enterprise, a power management application, is running on the remote host.","risk_factor":"Info","script_id":"189747","available_languages":["en_US"],"synopsis":"A power management application is running on the remote host.","script_name":"CyberPower PowerPanel Enterprise Detection","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2024-01-29T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"SCADA","xrefs":{},"pluginPublicationDate":"1/29/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1706486400000,"189747"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"189746","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":"cve","id":"CVE-2023-3265","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3265"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?73f6d52d"}],"description":"The CyberPower PowerPanel Enterprise running on the remote host is affected by an authentication bypass vulnerability. An unauthenticated, remote attacker can exploit this, via a specially crafted message, to login to the application.","risk_factor":"Critical","script_id":"189746","available_languages":["en_US"],"synopsis":"A power management application is affected by an authentication bypass vulnerability.","script_name":"CyberPower PowerPanel Enterprise Authentication Bypass (CVE-2023-3265)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to version 2.7.1 or later.","plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2024-01-29T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":8.8,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"SCADA","xrefs":{},"pluginPublicationDate":"1/29/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Critical"},"sort":[1706486400000,"189746"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"189290","_score":null,"_source":{"plugin_modification_date":"2024-01-23T00:00:00","references":[{"id_type":"ICSA","id":"18-102-02","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2015-8277","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8277"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-18-102-02"}],"description":"The version of Rockwell FactoryTalk Activation Manager installed on the remote Windows host is prior to 4.02. It is, therefore, affected by a vulnerability.\n\n - A custom string copying function of the license server manager in FlexNet Publisher does not use proper bounds checking on incoming data, allowing a remote, unauthenticated user to send crafted messages with the intent of causing a buffer overflow. (CVE-2015-8277)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Critical","script_id":"189290","available_languages":["en_US"],"synopsis":"An application installed on the remote Windows host is affected by a vulnerability.","script_name":"Rockwell FactoryTalk Activation Manager \u003c 4.02 Buffer Overflow","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Rockwell FactoryTalk Activation Manager version 4.02 or later or refer to vendor advisory.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-01-22T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":8.5,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"SCADA","xrefs":{"ICSA":["18-102-02"]},"pluginPublicationDate":"1/22/2024","pluginModificationDate":"1/23/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Critical"},"sort":[1705881600000,"189290"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"189289","_score":null,"_source":{"plugin_modification_date":"2024-01-23T00:00:00","references":[{"id_type":"ICSA","id":"24-004-01","type":"advisory","url":null},{"id_type":"CEA-ID","id":"CEA-2023-0052","type":"unknown","url":null},{"id_type":"cve","id":"CVE-2023-38545","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545"},{"id_type":"cve","id":"CVE-2023-3935","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3935"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-24-004-01"}],"description":"The version of Rockwell FactoryTalk Activation Manager installed on the remote Windows host is prior to 5.01. It is, therefore, affected by a vulnerability.\n\n - Rockwell Automation FactoryTalk Activation Manager and Studio 5000 Logix Designer uses the affected Wibu-Systems' products which internally use a version of libcurl that is vulnerable to a buffer overflow attack if curl is configured to redirect traffic through a SOCKS5 proxy. A malicious proxy can exploit a bug in the implemented handshake to cause a buffer overflow.\n If no SOCKS5 proxy has been configured, there is no attack surface.\n (CVE-2023-38545)\n\n - Rockwell Automation FactoryTalk Activation Manager and Studio 5000 Logix Designer uses the affected Wibu-Systems' products which contain a heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to Version 7.60b that allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system. (CVE-2023-3935)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Critical","script_id":"189289","available_languages":["en_US"],"synopsis":"An application installed on the remote Windows host is affected by a vulnerability.","script_name":"Rockwell FactoryTalk Activation Manager \u003c 5.01 RCE","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Rockwell FactoryTalk Activation Manager version 5.01 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-01-22T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":8.8,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"7.4","script_family":"SCADA","xrefs":{"ICSA":["24-004-01"]},"pluginPublicationDate":"1/22/2024","pluginModificationDate":"1/23/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"High","severity":"Critical"},"sort":[1705881600000,"189289"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"189288","_score":null,"_source":{"plugin_modification_date":"2024-01-23T00:00:00","references":[{"id_type":"ICSA","id":"18-102-02","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2017-13754","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13754"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-18-102-02"}],"description":"The version of Rockwell FactoryTalk Activation Manager installed on the remote Windows host is prior to 4.02. It is, therefore, affected by a vulnerability.\n\n - A Cross-Site Scripting (XSS) vulnerability was found in certain versions of Wibu-Systems CodeMeter that may allow local attackers to inject arbitrary web script or HTML via a specific field in a configuration file, allowing an attacker to access sensitive information, or even rewrite the content of the HTML page. (CVE-2017-13754)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Low","script_id":"189288","available_languages":["en_US"],"synopsis":"An application installed on the remote Windows host is affected by a vulnerability.","script_name":"Rockwell FactoryTalk Activation Manager \u003c 4.02 XSS","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Rockwell FactoryTalk Activation Manager version 4.02 or later or refer to vendor advisory.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-01-22T00:00:00","cvss":{"cvssv3_score":5.4,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N","cvssv3_temporal_score":4.9,"rating":null,"cvssv2_vector_base":"AV:N/AC:M/Au:S/C:N/I:P/A:N","cvssv3_vector_base":"AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","cvssv4_vector":null,"cvssv2_temporal_score":2.7,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":3.5,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Low","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.8","script_family":"SCADA","xrefs":{"ICSA":["18-102-02"]},"pluginPublicationDate":"1/22/2024","pluginModificationDate":"1/23/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Low","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Low"},"sort":[1705881600000,"189288"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"189287","_score":null,"_source":{"plugin_modification_date":"2025-02-12T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?9b793308"}],"description":"Rockwell FactoryTalk Activation Manager is installed on the remote Windows host.","risk_factor":"Info","script_id":"189287","available_languages":["en_US"],"synopsis":"Rockwell FactoryTalk products are installed on the remote Windows host.","script_name":"Rockwell FactoryTalk Activation Manager Installed (Windows)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-01-22T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"SCADA","xrefs":{},"pluginPublicationDate":"1/22/2024","pluginModificationDate":"2/12/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1705881600000,"189287"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"189286","_score":null,"_source":{"plugin_modification_date":"2024-01-23T00:00:00","references":[{"id_type":"ICSA","id":"17-047-02","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2017-6015","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6015"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-17-047-02"}],"description":"The version of Rockwell FactoryTalk Activation Manager installed on the remote Windows host is prior to 4.01.00. It is, therefore, affected by a vulnerability.\n\n - Without quotation marks, any whitespace in the file path remains ambiguous, which may allow an attacker to link to or run a malicious executable. This may allow an authorized, but not privileged local user to execute arbitrary code with elevated privileges on the system.\n (CVE-2017-6015)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"189286","available_languages":["en_US"],"synopsis":"An application installed on the remote Windows host is affected by a vulnerability.","script_name":"Rockwell FactoryTalk Activation Manager \u003c 4.01.00 Privilege Escalation","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Rockwell FactoryTalk Activation Manager version 4.01.00 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-01-22T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":6.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.3,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.2,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"SCADA","xrefs":{"ICSA":["17-047-02"]},"pluginPublicationDate":"1/22/2024","pluginModificationDate":"1/23/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1705881600000,"189286"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"189258","_score":null,"_source":{"plugin_modification_date":"2024-05-31T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0317","type":"advisory","url":null},{"id_type":"ICSA","id":"23-299-06","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2023-46290","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46290"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-299-06"}],"description":"The version of Rockwell FactoryTalk Services Platform installed on the remote Windows host is 2.74. It is, therefore, affected by a vulnerability.\n\n - Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk Services Platform web service and then use the token to log in into FactoryTalk Services Platform. This vulnerability can only be exploited if the authorized user did not previously log in into the FactoryTalk Services Platform web service. (CVE-2023-46290)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"189258","available_languages":["en_US"],"synopsis":"An application installed on the remote Windows host is affected by a vulnerability.","script_name":"Rockwell FactoryTalk Services Platform 2.74 Authentication Bypass","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Rockwell FactoryTalk Services Platform version 2.80 or later or refer to the vendor advisory for other mitigations.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-01-20T00:00:00","cvss":{"cvssv3_score":8.1,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":7.1,"rating":null,"cvssv2_vector_base":"AV:N/AC:H/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.6,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.6,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"SCADA","xrefs":{"IAVA":["2024-A-0317"],"ICSA":["23-299-06"]},"pluginPublicationDate":"1/20/2024","pluginModificationDate":"5/31/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1705708800000,"189258"]}],"total":456,"type":"nessus","family":"SCADA","page":1,"apiUrl":"https://www.tenable.com/plugins/api/v1/nessus/families/SCADA?page=1"},"cookies":{},"user":null,"flash":null,"env":{"baseUrl":"https://www.tenable.com","host":"www.tenable.com","ga4TrackingId":""},"isUnsupportedBrowser":true,"__N_SSP":true},"page":"/plugins/[type]/families/[family]","query":{"type":"nessus","family":"SCADA"},"buildId":"TgpC0GgDQiX0eP8wJ615X","isFallback":false,"isExperimentalCompile":false,"gssp":true,"appGip":true,"locale":"en","locales":["en","de","es","fr","ja","ko","zh-CN","zh-TW"],"defaultLocale":"en","domainLocales":[{"domain":"www.tenable.com","defaultLocale":"en"},{"domain":"de.tenable.com","defaultLocale":"de"},{"domain":"es-la.tenable.com","defaultLocale":"es"},{"domain":"fr.tenable.com","defaultLocale":"fr"},{"domain":"jp.tenable.com","defaultLocale":"ja"},{"domain":"kr.tenable.com","defaultLocale":"ko"},{"domain":"www.tenablecloud.cn","defaultLocale":"zh-CN"},{"domain":"zh-tw.tenable.com","defaultLocale":"zh-TW"}],"scriptLoader":[]}</script></body></html>

CINXE.COM

SCADA Plugins | Tenable®