CINXE.COM
Windows Plugins | Tenable®
<!DOCTYPE html><html lang="en"><head><meta charSet="utf-8"/><title>Windows Plugins<!-- --> | Tenable®</title><meta name="description" content="Listing all plugins in the Windows family"/><meta property="og:title" content="Windows Plugins"/><meta property="og:description" content="Listing all plugins in the Windows family"/><meta name="twitter:title" content="Windows Plugins"/><meta name="twitter:description" content="Listing all plugins in the Windows family"/><meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"/><meta name="viewport" content="width=device-width, initial-scale=1"/><link rel="apple-touch-icon" sizes="180x180" href="https://www.tenable.com/themes/custom/tenable/img/favicons/apple-touch-icon.png"/><link rel="manifest" href="https://www.tenable.com/themes/custom/tenable/img/favicons/manifest.json"/><link rel="mask-icon" href="https://www.tenable.com/themes/custom/tenable/img/favicons/safari-pinned-tab.svg" color="#0071dd"/><link rel="icon" href="https://www.tenable.com/favicon.ico" sizes="any"/><link rel="icon" href="https://www.tenable.com/themes/custom/tenable/img/favicons/favicon.svg" type="image/svg+xml"/><meta name="msapplication-config" content="https://www.tenable.com/themes/custom/tenable/img/favicons/browserconfig.xml"/><meta name="theme-color" content="#ffffff"/><link rel="canonical" href="https://www.tenable.com/plugins/nessus/families/Windows"/><link rel="alternate" hrefLang="x-default" href="https://www.tenable.com/plugins/nessus/families/Windows"/><link rel="alternate" hrefLang="en" href="https://www.tenable.com/plugins/nessus/families/Windows"/><link rel="alternate" hrefLang="de" href="https://de.tenable.com/plugins/nessus/families/Windows"/><link rel="alternate" hrefLang="es" href="https://es-la.tenable.com/plugins/nessus/families/Windows"/><link rel="alternate" hrefLang="fr" href="https://fr.tenable.com/plugins/nessus/families/Windows"/><link rel="alternate" hrefLang="ja" href="https://jp.tenable.com/plugins/nessus/families/Windows"/><link rel="alternate" hrefLang="ko" href="https://kr.tenable.com/plugins/nessus/families/Windows"/><link rel="alternate" hrefLang="zh-CN" href="https://www.tenablecloud.cn/plugins/nessus/families/Windows"/><link rel="alternate" hrefLang="zh-TW" href="https://zh-tw.tenable.com/plugins/nessus/families/Windows"/><meta name="next-head-count" content="26"/><script type="text/javascript">window.NREUM||(NREUM={});NREUM.info = {"agent":"","beacon":"bam.nr-data.net","errorBeacon":"bam.nr-data.net","licenseKey":"5febff3e0e","applicationID":"96358297","agentToken":null,"applicationTime":28.683233,"transactionName":"MVBabEEHChVXU0IIXggab11RIBYHW1VBDkMNYEpRHCgBHkJaRU52I2EXF0MKEQFfXkVOahJMSF1uSQIHW1laCFQVGmNeUgsNCk9t","queueTime":0,"ttGuid":"398ee8dc178eae5e"}; (window.NREUM||(NREUM={})).init={ajax:{deny_list:["bam.nr-data.net"]}};(window.NREUM||(NREUM={})).loader_config={licenseKey:"5febff3e0e",applicationID:"96358297"};;/*! For license information please see nr-loader-rum-1.274.0.min.js.LICENSE.txt */ (()=>{var e,t,r={8122:(e,t,r)=>{"use strict";r.d(t,{a:()=>i});var n=r(944);function i(e,t){try{if(!e||"object"!=typeof e)return(0,n.R)(3);if(!t||"object"!=typeof t)return(0,n.R)(4);const r=Object.create(Object.getPrototypeOf(t),Object.getOwnPropertyDescriptors(t)),o=0===Object.keys(r).length?e:r;for(let a in o)if(void 0!==e[a])try{if(null===e[a]){r[a]=null;continue}Array.isArray(e[a])&&Array.isArray(t[a])?r[a]=Array.from(new Set([...e[a],...t[a]])):"object"==typeof e[a]&&"object"==typeof t[a]?r[a]=i(e[a],t[a]):r[a]=e[a]}catch(e){(0,n.R)(1,e)}return r}catch(e){(0,n.R)(2,e)}}},2555:(e,t,r)=>{"use strict";r.d(t,{Vp:()=>c,fn:()=>s,x1:()=>u});var n=r(384),i=r(8122);const o={beacon:n.NT.beacon,errorBeacon:n.NT.errorBeacon,licenseKey:void 0,applicationID:void 0,sa:void 0,queueTime:void 0,applicationTime:void 0,ttGuid:void 0,user:void 0,account:void 0,product:void 0,extra:void 0,jsAttributes:{},userAttributes:void 0,atts:void 0,transactionName:void 0,tNamePlain:void 0},a={};function s(e){try{const t=c(e);return!!t.licenseKey&&!!t.errorBeacon&&!!t.applicationID}catch(e){return!1}}function c(e){if(!e)throw new Error("All info objects require an agent identifier!");if(!a[e])throw new Error("Info for ".concat(e," was never set"));return a[e]}function u(e,t){if(!e)throw new Error("All info objects require an agent identifier!");a[e]=(0,i.a)(t,o);const r=(0,n.nY)(e);r&&(r.info=a[e])}},9417:(e,t,r)=>{"use strict";r.d(t,{D0:()=>g,gD:()=>h,xN:()=>p});var n=r(993);const i=e=>{if(!e||"string"!=typeof e)return!1;try{document.createDocumentFragment().querySelector(e)}catch{return!1}return!0};var o=r(2614),a=r(944),s=r(384),c=r(8122);const u="[data-nr-mask]",d=()=>{const e={mask_selector:"*",block_selector:"[data-nr-block]",mask_input_options:{color:!1,date:!1,"datetime-local":!1,email:!1,month:!1,number:!1,range:!1,search:!1,tel:!1,text:!1,time:!1,url:!1,week:!1,textarea:!1,select:!1,password:!0}};return{ajax:{deny_list:void 0,block_internal:!0,enabled:!0,harvestTimeSeconds:10,autoStart:!0},distributed_tracing:{enabled:void 0,exclude_newrelic_header:void 0,cors_use_newrelic_header:void 0,cors_use_tracecontext_headers:void 0,allowed_origins:void 0},feature_flags:[],generic_events:{enabled:!0,harvestTimeSeconds:30,autoStart:!0},harvest:{tooManyRequestsDelay:60},jserrors:{enabled:!0,harvestTimeSeconds:10,autoStart:!0},logging:{enabled:!0,harvestTimeSeconds:10,autoStart:!0,level:n.p_.INFO},metrics:{enabled:!0,autoStart:!0},obfuscate:void 0,page_action:{enabled:!0},page_view_event:{enabled:!0,autoStart:!0},page_view_timing:{enabled:!0,harvestTimeSeconds:30,autoStart:!0},performance:{capture_marks:!1,capture_measures:!1},privacy:{cookies_enabled:!0},proxy:{assets:void 0,beacon:void 0},session:{expiresMs:o.wk,inactiveMs:o.BB},session_replay:{autoStart:!0,enabled:!1,harvestTimeSeconds:60,preload:!1,sampling_rate:10,error_sampling_rate:100,collect_fonts:!1,inline_images:!1,fix_stylesheets:!0,mask_all_inputs:!0,get mask_text_selector(){return e.mask_selector},set mask_text_selector(t){i(t)?e.mask_selector="".concat(t,",").concat(u):""===t||null===t?e.mask_selector=u:(0,a.R)(5,t)},get block_class(){return"nr-block"},get ignore_class(){return"nr-ignore"},get mask_text_class(){return"nr-mask"},get block_selector(){return e.block_selector},set block_selector(t){i(t)?e.block_selector+=",".concat(t):""!==t&&(0,a.R)(6,t)},get mask_input_options(){return e.mask_input_options},set mask_input_options(t){t&&"object"==typeof t?e.mask_input_options={...t,password:!0}:(0,a.R)(7,t)}},session_trace:{enabled:!0,harvestTimeSeconds:10,autoStart:!0},soft_navigations:{enabled:!0,harvestTimeSeconds:10,autoStart:!0},spa:{enabled:!0,harvestTimeSeconds:10,autoStart:!0},ssl:void 0,user_actions:{enabled:!0}}},l={},f="All configuration objects require an agent identifier!";function g(e){if(!e)throw new Error(f);if(!l[e])throw new Error("Configuration for ".concat(e," was never set"));return l[e]}function p(e,t){if(!e)throw new Error(f);l[e]=(0,c.a)(t,d());const r=(0,s.nY)(e);r&&(r.init=l[e])}function h(e,t){if(!e)throw new Error(f);var r=g(e);if(r){for(var n=t.split("."),i=0;i<n.length-1;i++)if("object"!=typeof(r=r[n[i]]))return;r=r[n[n.length-1]]}return r}},3371:(e,t,r)=>{"use strict";r.d(t,{V:()=>f,f:()=>l});var n=r(8122),i=r(384),o=r(6154),a=r(9324);let s=0;const c={buildEnv:a.F3,distMethod:a.Xs,version:a.xv,originTime:o.WN},u={customTransaction:void 0,disabled:!1,isolatedBacklog:!1,loaderType:void 0,maxBytes:3e4,onerror:void 0,ptid:void 0,releaseIds:{},appMetadata:{},session:void 0,denyList:void 0,timeKeeper:void 0,obfuscator:void 0},d={};function l(e){if(!e)throw new Error("All runtime objects require an agent identifier!");if(!d[e])throw new Error("Runtime for ".concat(e," was never set"));return d[e]}function f(e,t){if(!e)throw new Error("All runtime objects require an agent identifier!");d[e]={...(0,n.a)(t,u),...c},Object.hasOwnProperty.call(d[e],"harvestCount")||Object.defineProperty(d[e],"harvestCount",{get:()=>++s});const r=(0,i.nY)(e);r&&(r.runtime=d[e])}},9324:(e,t,r)=>{"use strict";r.d(t,{F3:()=>i,Xs:()=>o,xv:()=>n});const n="1.274.0",i="PROD",o="CDN"},6154:(e,t,r)=>{"use strict";r.d(t,{OF:()=>c,RI:()=>i,WN:()=>d,bv:()=>o,gm:()=>a,mw:()=>s,sb:()=>u});var n=r(1863);const i="undefined"!=typeof window&&!!window.document,o="undefined"!=typeof WorkerGlobalScope&&("undefined"!=typeof self&&self instanceof WorkerGlobalScope&&self.navigator instanceof WorkerNavigator||"undefined"!=typeof globalThis&&globalThis instanceof WorkerGlobalScope&&globalThis.navigator instanceof WorkerNavigator),a=i?window:"undefined"!=typeof WorkerGlobalScope&&("undefined"!=typeof self&&self instanceof WorkerGlobalScope&&self||"undefined"!=typeof globalThis&&globalThis instanceof WorkerGlobalScope&&globalThis),s=Boolean("hidden"===a?.document?.visibilityState),c=/iPad|iPhone|iPod/.test(a.navigator?.userAgent),u=c&&"undefined"==typeof SharedWorker,d=((()=>{const e=a.navigator?.userAgent?.match(/Firefox[/\s](\d+\.\d+)/);Array.isArray(e)&&e.length>=2&&e[1]})(),Date.now()-(0,n.t)())},1687:(e,t,r)=>{"use strict";r.d(t,{Ak:()=>c,Ze:()=>l,x3:()=>u});var n=r(7836),i=r(3606),o=r(860),a=r(2646);const s={};function c(e,t){const r={staged:!1,priority:o.P3[t]||0};d(e),s[e].get(t)||s[e].set(t,r)}function u(e,t){e&&s[e]&&(s[e].get(t)&&s[e].delete(t),g(e,t,!1),s[e].size&&f(e))}function d(e){if(!e)throw new Error("agentIdentifier required");s[e]||(s[e]=new Map)}function l(e="",t="feature",r=!1){if(d(e),!e||!s[e].get(t)||r)return g(e,t);s[e].get(t).staged=!0,f(e)}function f(e){const t=Array.from(s[e]);t.every((([e,t])=>t.staged))&&(t.sort(((e,t)=>e[1].priority-t[1].priority)),t.forEach((([t])=>{s[e].delete(t),g(e,t)})))}function g(e,t,r=!0){const o=e?n.ee.get(e):n.ee,s=i.i.handlers;if(!o.aborted&&o.backlog&&s){if(r){const e=o.backlog[t],r=s[t];if(r){for(let t=0;e&&t<e.length;++t)p(e[t],r);Object.entries(r).forEach((([e,t])=>{Object.values(t||{}).forEach((t=>{t[0]?.on&&t[0]?.context()instanceof a.y&&t[0].on(e,t[1])}))}))}}o.isolatedBacklog||delete s[t],o.backlog[t]=null,o.emit("drain-"+t,[])}}function p(e,t){var r=e[1];Object.values(t[r]||{}).forEach((t=>{var r=e[0];if(t[0]===r){var n=t[1],i=e[3],o=e[2];n.apply(i,o)}}))}},7836:(e,t,r)=>{"use strict";r.d(t,{P:()=>c,ee:()=>u});var n=r(384),i=r(8990),o=r(3371),a=r(2646),s=r(5607);const c="nr@context:".concat(s.W),u=function e(t,r){var n={},s={},d={},l=!1;try{l=16===r.length&&(0,o.f)(r).isolatedBacklog}catch(e){}var f={on:p,addEventListener:p,removeEventListener:function(e,t){var r=n[e];if(!r)return;for(var i=0;i<r.length;i++)r[i]===t&&r.splice(i,1)},emit:function(e,r,n,i,o){!1!==o&&(o=!0);if(u.aborted&&!i)return;t&&o&&t.emit(e,r,n);for(var a=g(n),c=h(e),d=c.length,l=0;l<d;l++)c[l].apply(a,r);var p=m()[s[e]];p&&p.push([f,e,r,a]);return a},get:v,listeners:h,context:g,buffer:function(e,t){const r=m();if(t=t||"feature",f.aborted)return;Object.entries(e||{}).forEach((([e,n])=>{s[n]=t,t in r||(r[t]=[])}))},abort:function(){f._aborted=!0,Object.keys(f.backlog).forEach((e=>{delete f.backlog[e]}))},isBuffering:function(e){return!!m()[s[e]]},debugId:r,backlog:l?{}:t&&"object"==typeof t.backlog?t.backlog:{},isolatedBacklog:l};return Object.defineProperty(f,"aborted",{get:()=>{let e=f._aborted||!1;return e||(t&&(e=t.aborted),e)}}),f;function g(e){return e&&e instanceof a.y?e:e?(0,i.I)(e,c,(()=>new a.y(c))):new a.y(c)}function p(e,t){n[e]=h(e).concat(t)}function h(e){return n[e]||[]}function v(t){return d[t]=d[t]||e(f,t)}function m(){return f.backlog}}(void 0,"globalEE"),d=(0,n.Zm)();d.ee||(d.ee=u)},2646:(e,t,r)=>{"use strict";r.d(t,{y:()=>n});class n{constructor(e){this.contextId=e}}},9908:(e,t,r)=>{"use strict";r.d(t,{d:()=>n,p:()=>i});var n=r(7836).ee.get("handle");function i(e,t,r,i,o){o?(o.buffer([e],i),o.emit(e,t,r)):(n.buffer([e],i),n.emit(e,t,r))}},3606:(e,t,r)=>{"use strict";r.d(t,{i:()=>o});var n=r(9908);o.on=a;var i=o.handlers={};function o(e,t,r,o){a(o||n.d,i,e,t,r)}function a(e,t,r,i,o){o||(o="feature"),e||(e=n.d);var a=t[o]=t[o]||{};(a[r]=a[r]||[]).push([e,i])}},3878:(e,t,r)=>{"use strict";function n(e,t){return{capture:e,passive:!1,signal:t}}function i(e,t,r=!1,i){window.addEventListener(e,t,n(r,i))}function o(e,t,r=!1,i){document.addEventListener(e,t,n(r,i))}r.d(t,{DD:()=>o,jT:()=>n,sp:()=>i})},5607:(e,t,r)=>{"use strict";r.d(t,{W:()=>n});const n=(0,r(9566).bz)()},9566:(e,t,r)=>{"use strict";r.d(t,{LA:()=>s,bz:()=>a});var n=r(6154);const i="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx";function o(e,t){return e?15&e[t]:16*Math.random()|0}function a(){const e=n.gm?.crypto||n.gm?.msCrypto;let t,r=0;return e&&e.getRandomValues&&(t=e.getRandomValues(new Uint8Array(30))),i.split("").map((e=>"x"===e?o(t,r++).toString(16):"y"===e?(3&o()|8).toString(16):e)).join("")}function s(e){const t=n.gm?.crypto||n.gm?.msCrypto;let r,i=0;t&&t.getRandomValues&&(r=t.getRandomValues(new Uint8Array(e)));const a=[];for(var s=0;s<e;s++)a.push(o(r,i++).toString(16));return a.join("")}},2614:(e,t,r)=>{"use strict";r.d(t,{BB:()=>a,H3:()=>n,g:()=>u,iL:()=>c,tS:()=>s,uh:()=>i,wk:()=>o});const n="NRBA",i="SESSION",o=144e5,a=18e5,s={STARTED:"session-started",PAUSE:"session-pause",RESET:"session-reset",RESUME:"session-resume",UPDATE:"session-update"},c={SAME_TAB:"same-tab",CROSS_TAB:"cross-tab"},u={OFF:0,FULL:1,ERROR:2}},1863:(e,t,r)=>{"use strict";function n(){return Math.floor(performance.now())}r.d(t,{t:()=>n})},944:(e,t,r)=>{"use strict";function n(e,t){"function"==typeof console.debug&&console.debug("New Relic Warning: https://github.com/newrelic/newrelic-browser-agent/blob/main/docs/warning-codes.md#".concat(e),t)}r.d(t,{R:()=>n})},5284:(e,t,r)=>{"use strict";r.d(t,{t:()=>c,B:()=>s});var n=r(7836),i=r(6154);const o="newrelic";const a=new Set,s={};function c(e,t){const r=n.ee.get(t);s[t]??={},e&&"object"==typeof e&&(a.has(t)||(r.emit("rumresp",[e]),s[t]=e,a.add(t),function(e={}){try{i.gm.dispatchEvent(new CustomEvent(o,{detail:e}))}catch(e){}}({loaded:!0})))}},8990:(e,t,r)=>{"use strict";r.d(t,{I:()=>i});var n=Object.prototype.hasOwnProperty;function i(e,t,r){if(n.call(e,t))return e[t];var i=r();if(Object.defineProperty&&Object.keys)try{return Object.defineProperty(e,t,{value:i,writable:!0,enumerable:!1}),i}catch(e){}return e[t]=i,i}},6389:(e,t,r)=>{"use strict";function n(e,t=500,r={}){const n=r?.leading||!1;let i;return(...r)=>{n&&void 0===i&&(e.apply(this,r),i=setTimeout((()=>{i=clearTimeout(i)}),t)),n||(clearTimeout(i),i=setTimeout((()=>{e.apply(this,r)}),t))}}function i(e){let t=!1;return(...r)=>{t||(t=!0,e.apply(this,r))}}r.d(t,{J:()=>i,s:()=>n})},5289:(e,t,r)=>{"use strict";r.d(t,{GG:()=>o,sB:()=>a});var n=r(3878);function i(){return"undefined"==typeof document||"complete"===document.readyState}function o(e,t){if(i())return e();(0,n.sp)("load",e,t)}function a(e){if(i())return e();(0,n.DD)("DOMContentLoaded",e)}},384:(e,t,r)=>{"use strict";r.d(t,{NT:()=>o,US:()=>d,Zm:()=>a,bQ:()=>c,dV:()=>s,nY:()=>u,pV:()=>l});var n=r(6154),i=r(1863);const o={beacon:"bam.nr-data.net",errorBeacon:"bam.nr-data.net"};function a(){return n.gm.NREUM||(n.gm.NREUM={}),void 0===n.gm.newrelic&&(n.gm.newrelic=n.gm.NREUM),n.gm.NREUM}function s(){let e=a();return e.o||(e.o={ST:n.gm.setTimeout,SI:n.gm.setImmediate,CT:n.gm.clearTimeout,XHR:n.gm.XMLHttpRequest,REQ:n.gm.Request,EV:n.gm.Event,PR:n.gm.Promise,MO:n.gm.MutationObserver,FETCH:n.gm.fetch,WS:n.gm.WebSocket}),e}function c(e,t){let r=a();r.initializedAgents??={},t.initializedAt={ms:(0,i.t)(),date:new Date},r.initializedAgents[e]=t}function u(e){let t=a();return t.initializedAgents?.[e]}function d(e,t){a()[e]=t}function l(){return function(){let e=a();const t=e.info||{};e.info={beacon:o.beacon,errorBeacon:o.errorBeacon,...t}}(),function(){let e=a();const t=e.init||{};e.init={...t}}(),s(),function(){let e=a();const t=e.loader_config||{};e.loader_config={...t}}(),a()}},2843:(e,t,r)=>{"use strict";r.d(t,{u:()=>i});var n=r(3878);function i(e,t=!1,r,i){(0,n.DD)("visibilitychange",(function(){if(t)return void("hidden"===document.visibilityState&&e());e(document.visibilityState)}),r,i)}},3434:(e,t,r)=>{"use strict";r.d(t,{YM:()=>c});var n=r(7836),i=r(5607);const o="nr@original:".concat(i.W);var a=Object.prototype.hasOwnProperty,s=!1;function c(e,t){return e||(e=n.ee),r.inPlace=function(e,t,n,i,o){n||(n="");const a="-"===n.charAt(0);for(let s=0;s<t.length;s++){const c=t[s],u=e[c];d(u)||(e[c]=r(u,a?c+n:n,i,c,o))}},r.flag=o,r;function r(t,r,n,s,c){return d(t)?t:(r||(r=""),nrWrapper[o]=t,function(e,t,r){if(Object.defineProperty&&Object.keys)try{return Object.keys(e).forEach((function(r){Object.defineProperty(t,r,{get:function(){return e[r]},set:function(t){return e[r]=t,t}})})),t}catch(e){u([e],r)}for(var n in e)a.call(e,n)&&(t[n]=e[n])}(t,nrWrapper,e),nrWrapper);function nrWrapper(){var o,a,d,l;try{a=this,o=[...arguments],d="function"==typeof n?n(o,a):n||{}}catch(t){u([t,"",[o,a,s],d],e)}i(r+"start",[o,a,s],d,c);try{return l=t.apply(a,o)}catch(e){throw i(r+"err",[o,a,e],d,c),e}finally{i(r+"end",[o,a,l],d,c)}}}function i(r,n,i,o){if(!s||t){var a=s;s=!0;try{e.emit(r,n,i,t,o)}catch(t){u([t,r,n,i],e)}s=a}}}function u(e,t){t||(t=n.ee);try{t.emit("internal-error",e)}catch(e){}}function d(e){return!(e&&"function"==typeof e&&e.apply&&!e[o])}},993:(e,t,r)=>{"use strict";r.d(t,{ET:()=>o,p_:()=>i});var n=r(860);const i={ERROR:"ERROR",WARN:"WARN",INFO:"INFO",DEBUG:"DEBUG",TRACE:"TRACE"},o="log";n.K7.logging},3969:(e,t,r)=>{"use strict";r.d(t,{TZ:()=>n,XG:()=>s,rs:()=>i,xV:()=>a,z_:()=>o});const n=r(860).K7.metrics,i="sm",o="cm",a="storeSupportabilityMetrics",s="storeEventMetrics"},6630:(e,t,r)=>{"use strict";r.d(t,{T:()=>n});const n=r(860).K7.pageViewEvent},782:(e,t,r)=>{"use strict";r.d(t,{T:()=>n});const n=r(860).K7.pageViewTiming},6344:(e,t,r)=>{"use strict";r.d(t,{G4:()=>i});var n=r(2614);r(860).K7.sessionReplay;const i={RECORD:"recordReplay",PAUSE:"pauseReplay",REPLAY_RUNNING:"replayRunning",ERROR_DURING_REPLAY:"errorDuringReplay"};n.g.ERROR,n.g.FULL,n.g.OFF},4234:(e,t,r)=>{"use strict";r.d(t,{W:()=>o});var n=r(7836),i=r(1687);class o{constructor(e,t){this.agentIdentifier=e,this.ee=n.ee.get(e),this.featureName=t,this.blocked=!1}deregisterDrain(){(0,i.x3)(this.agentIdentifier,this.featureName)}}},7603:(e,t,r)=>{"use strict";r.d(t,{j:()=>P});var n=r(860),i=r(2555),o=r(3371),a=r(9908),s=r(7836),c=r(1687),u=r(5289),d=r(6154),l=r(944),f=r(3969),g=r(384),p=r(6344);const h=["setErrorHandler","finished","addToTrace","addRelease","addPageAction","setCurrentRouteName","setPageViewName","setCustomAttribute","interaction","noticeError","setUserId","setApplicationVersion","start",p.G4.RECORD,p.G4.PAUSE,"log","wrapLogger"],v=["setErrorHandler","finished","addToTrace","addRelease"];var m=r(1863),b=r(2614),y=r(993);var w=r(2646),A=r(3434);function R(e,t,r,n){if("object"!=typeof t||!t||"string"!=typeof r||!r||"function"!=typeof t[r])return(0,l.R)(29);const i=function(e){return(e||s.ee).get("logger")}(e),o=(0,A.YM)(i),a=new w.y(s.P);return a.level=n.level,a.customAttributes=n.customAttributes,o.inPlace(t,[r],"wrap-logger-",a),i}function E(){const e=(0,g.pV)();h.forEach((t=>{e[t]=(...r)=>function(t,...r){let n=[];return Object.values(e.initializedAgents).forEach((e=>{e&&e.api?e.exposed&&e.api[t]&&n.push(e.api[t](...r)):(0,l.R)(38,t)})),n.length>1?n:n[0]}(t,...r)}))}const x={};function _(e,t,g=!1){t||(0,c.Ak)(e,"api");const h={};var w=s.ee.get(e),A=w.get("tracer");x[e]=b.g.OFF,w.on(p.G4.REPLAY_RUNNING,(t=>{x[e]=t}));var E="api-",_=E+"ixn-";function N(t,r,n,o){const a=(0,i.Vp)(e);return null===r?delete a.jsAttributes[t]:(0,i.x1)(e,{...a,jsAttributes:{...a.jsAttributes,[t]:r}}),j(E,n,!0,o||null===r?"session":void 0)(t,r)}function T(){}h.log=function(e,{customAttributes:t={},level:r=y.p_.INFO}={}){(0,a.p)(f.xV,["API/log/called"],void 0,n.K7.metrics,w),function(e,t,r={},i=y.p_.INFO){(0,a.p)(f.xV,["API/logging/".concat(i.toLowerCase(),"/called")],void 0,n.K7.metrics,e),(0,a.p)(y.ET,[(0,m.t)(),t,r,i],void 0,n.K7.logging,e)}(w,e,t,r)},h.wrapLogger=(e,t,{customAttributes:r={},level:i=y.p_.INFO}={})=>{(0,a.p)(f.xV,["API/wrapLogger/called"],void 0,n.K7.metrics,w),R(w,e,t,{customAttributes:r,level:i})},v.forEach((e=>{h[e]=j(E,e,!0,"api")})),h.addPageAction=j(E,"addPageAction",!0,n.K7.genericEvents),h.setPageViewName=function(t,r){if("string"==typeof t)return"/"!==t.charAt(0)&&(t="/"+t),(0,o.f)(e).customTransaction=(r||"http://custom.transaction")+t,j(E,"setPageViewName",!0)()},h.setCustomAttribute=function(e,t,r=!1){if("string"==typeof e){if(["string","number","boolean"].includes(typeof t)||null===t)return N(e,t,"setCustomAttribute",r);(0,l.R)(40,typeof t)}else(0,l.R)(39,typeof e)},h.setUserId=function(e){if("string"==typeof e||null===e)return N("enduser.id",e,"setUserId",!0);(0,l.R)(41,typeof e)},h.setApplicationVersion=function(e){if("string"==typeof e||null===e)return N("application.version",e,"setApplicationVersion",!1);(0,l.R)(42,typeof e)},h.start=()=>{try{(0,a.p)(f.xV,["API/start/called"],void 0,n.K7.metrics,w),w.emit("manual-start-all")}catch(e){(0,l.R)(23,e)}},h[p.G4.RECORD]=function(){(0,a.p)(f.xV,["API/recordReplay/called"],void 0,n.K7.metrics,w),(0,a.p)(p.G4.RECORD,[],void 0,n.K7.sessionReplay,w)},h[p.G4.PAUSE]=function(){(0,a.p)(f.xV,["API/pauseReplay/called"],void 0,n.K7.metrics,w),(0,a.p)(p.G4.PAUSE,[],void 0,n.K7.sessionReplay,w)},h.interaction=function(e){return(new T).get("object"==typeof e?e:{})};const S=T.prototype={createTracer:function(e,t){var r={},i=this,o="function"==typeof t;return(0,a.p)(f.xV,["API/createTracer/called"],void 0,n.K7.metrics,w),g||(0,a.p)(_+"tracer",[(0,m.t)(),e,r],i,n.K7.spa,w),function(){if(A.emit((o?"":"no-")+"fn-start",[(0,m.t)(),i,o],r),o)try{return t.apply(this,arguments)}catch(e){const t="string"==typeof e?new Error(e):e;throw A.emit("fn-err",[arguments,this,t],r),t}finally{A.emit("fn-end",[(0,m.t)()],r)}}}};function j(e,t,r,i){return function(){return(0,a.p)(f.xV,["API/"+t+"/called"],void 0,n.K7.metrics,w),i&&(0,a.p)(e+t,[(0,m.t)(),...arguments],r?null:this,i,w),r?void 0:this}}function k(){r.e(296).then(r.bind(r,8778)).then((({setAPI:t})=>{t(e),(0,c.Ze)(e,"api")})).catch((e=>{(0,l.R)(27,e),w.abort()}))}return["actionText","setName","setAttribute","save","ignore","onEnd","getContext","end","get"].forEach((e=>{S[e]=j(_,e,void 0,g?n.K7.softNav:n.K7.spa)})),h.setCurrentRouteName=g?j(_,"routeName",void 0,n.K7.softNav):j(E,"routeName",!0,n.K7.spa),h.noticeError=function(t,r){"string"==typeof t&&(t=new Error(t)),(0,a.p)(f.xV,["API/noticeError/called"],void 0,n.K7.metrics,w),(0,a.p)("err",[t,(0,m.t)(),!1,r,!!x[e]],void 0,n.K7.jserrors,w)},d.RI?(0,u.GG)((()=>k()),!0):k(),h}var N=r(9417),T=r(8122);const S={accountID:void 0,trustKey:void 0,agentID:void 0,licenseKey:void 0,applicationID:void 0,xpid:void 0},j={};var k=r(5284);const I=e=>{const t=e.startsWith("http");e+="/",r.p=t?e:"https://"+e};let O=!1;function P(e,t={},r,n){let{init:a,info:c,loader_config:u,runtime:l={},exposed:f=!0}=t;l.loaderType=r;const p=(0,g.pV)();c||(a=p.init,c=p.info,u=p.loader_config),(0,N.xN)(e.agentIdentifier,a||{}),function(e,t){if(!e)throw new Error("All loader-config objects require an agent identifier!");j[e]=(0,T.a)(t,S);const r=(0,g.nY)(e);r&&(r.loader_config=j[e])}(e.agentIdentifier,u||{}),c.jsAttributes??={},d.bv&&(c.jsAttributes.isWorker=!0),(0,i.x1)(e.agentIdentifier,c);const h=(0,N.D0)(e.agentIdentifier),v=[c.beacon,c.errorBeacon];O||(h.proxy.assets&&(I(h.proxy.assets),v.push(h.proxy.assets)),h.proxy.beacon&&v.push(h.proxy.beacon),E(),(0,g.US)("activatedFeatures",k.B),e.runSoftNavOverSpa&&=!0===h.soft_navigations.enabled&&h.feature_flags.includes("soft_nav")),l.denyList=[...h.ajax.deny_list||[],...h.ajax.block_internal?v:[]],l.ptid=e.agentIdentifier,(0,o.V)(e.agentIdentifier,l),e.ee=s.ee.get(e.agentIdentifier),void 0===e.api&&(e.api=_(e.agentIdentifier,n,e.runSoftNavOverSpa)),void 0===e.exposed&&(e.exposed=f),O=!0}},8374:(e,t,r)=>{r.nc=(()=>{try{return document?.currentScript?.nonce}catch(e){}return""})()},860:(e,t,r)=>{"use strict";r.d(t,{$J:()=>o,K7:()=>n,P3:()=>i});const n={ajax:"ajax",genericEvents:"generic_events",jserrors:"jserrors",logging:"logging",metrics:"metrics",pageAction:"page_action",pageViewEvent:"page_view_event",pageViewTiming:"page_view_timing",sessionReplay:"session_replay",sessionTrace:"session_trace",softNav:"soft_navigations",spa:"spa"},i={[n.pageViewEvent]:1,[n.pageViewTiming]:2,[n.metrics]:3,[n.jserrors]:4,[n.spa]:5,[n.ajax]:6,[n.sessionTrace]:7,[n.softNav]:8,[n.sessionReplay]:9,[n.logging]:10,[n.genericEvents]:11},o={[n.pageViewTiming]:"events",[n.ajax]:"events",[n.spa]:"events",[n.softNav]:"events",[n.metrics]:"jserrors",[n.jserrors]:"jserrors",[n.sessionTrace]:"browser/blobs",[n.sessionReplay]:"browser/blobs",[n.logging]:"browser/logs",[n.genericEvents]:"ins"}}},n={};function i(e){var t=n[e];if(void 0!==t)return t.exports;var o=n[e]={exports:{}};return r[e](o,o.exports,i),o.exports}i.m=r,i.d=(e,t)=>{for(var r in t)i.o(t,r)&&!i.o(e,r)&&Object.defineProperty(e,r,{enumerable:!0,get:t[r]})},i.f={},i.e=e=>Promise.all(Object.keys(i.f).reduce(((t,r)=>(i.f[r](e,t),t)),[])),i.u=e=>"nr-rum-1.274.0.min.js",i.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),e={},t="NRBA-1.274.0.PROD:",i.l=(r,n,o,a)=>{if(e[r])e[r].push(n);else{var s,c;if(void 0!==o)for(var u=document.getElementsByTagName("script"),d=0;d<u.length;d++){var l=u[d];if(l.getAttribute("src")==r||l.getAttribute("data-webpack")==t+o){s=l;break}}if(!s){c=!0;var f={296:"sha512-gkYkZDAwQ9PwaDXs2YM+rNIdRej1Ac1mupWobRJ8eahQcXz6/sunGZCKklrzi5kWxhOGRZr2tn0rEKuLTXzfAA=="};(s=document.createElement("script")).charset="utf-8",s.timeout=120,i.nc&&s.setAttribute("nonce",i.nc),s.setAttribute("data-webpack",t+o),s.src=r,0!==s.src.indexOf(window.location.origin+"/")&&(s.crossOrigin="anonymous"),f[a]&&(s.integrity=f[a])}e[r]=[n];var g=(t,n)=>{s.onerror=s.onload=null,clearTimeout(p);var i=e[r];if(delete e[r],s.parentNode&&s.parentNode.removeChild(s),i&&i.forEach((e=>e(n))),t)return t(n)},p=setTimeout(g.bind(null,void 0,{type:"timeout",target:s}),12e4);s.onerror=g.bind(null,s.onerror),s.onload=g.bind(null,s.onload),c&&document.head.appendChild(s)}},i.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},i.p="https://js-agent.newrelic.com/",(()=>{var e={840:0,374:0};i.f.j=(t,r)=>{var n=i.o(e,t)?e[t]:void 0;if(0!==n)if(n)r.push(n[2]);else{var o=new Promise(((r,i)=>n=e[t]=[r,i]));r.push(n[2]=o);var a=i.p+i.u(t),s=new Error;i.l(a,(r=>{if(i.o(e,t)&&(0!==(n=e[t])&&(e[t]=void 0),n)){var o=r&&("load"===r.type?"missing":r.type),a=r&&r.target&&r.target.src;s.message="Loading chunk "+t+" failed.\n("+o+": "+a+")",s.name="ChunkLoadError",s.type=o,s.request=a,n[1](s)}}),"chunk-"+t,t)}};var t=(t,r)=>{var n,o,[a,s,c]=r,u=0;if(a.some((t=>0!==e[t]))){for(n in s)i.o(s,n)&&(i.m[n]=s[n]);if(c)c(i)}for(t&&t(r);u<a.length;u++)o=a[u],i.o(e,o)&&e[o]&&e[o][0](),e[o]=0},r=self["webpackChunk:NRBA-1.274.0.PROD"]=self["webpackChunk:NRBA-1.274.0.PROD"]||[];r.forEach(t.bind(null,0)),r.push=t.bind(null,r.push.bind(r))})(),(()=>{"use strict";i(8374);var e=i(944),t=i(6344),r=i(9566);class n{agentIdentifier;constructor(e=(0,r.LA)(16)){this.agentIdentifier=e}#e(t,...r){if("function"==typeof this.api?.[t])return this.api[t](...r);(0,e.R)(35,t)}addPageAction(e,t){return this.#e("addPageAction",e,t)}setPageViewName(e,t){return this.#e("setPageViewName",e,t)}setCustomAttribute(e,t,r){return this.#e("setCustomAttribute",e,t,r)}noticeError(e,t){return this.#e("noticeError",e,t)}setUserId(e){return this.#e("setUserId",e)}setApplicationVersion(e){return this.#e("setApplicationVersion",e)}setErrorHandler(e){return this.#e("setErrorHandler",e)}addRelease(e,t){return this.#e("addRelease",e,t)}log(e,t){return this.#e("log",e,t)}}class o extends n{#e(t,...r){if("function"==typeof this.api?.[t])return this.api[t](...r);(0,e.R)(35,t)}start(){return this.#e("start")}finished(e){return this.#e("finished",e)}recordReplay(){return this.#e(t.G4.RECORD)}pauseReplay(){return this.#e(t.G4.PAUSE)}addToTrace(e){return this.#e("addToTrace",e)}setCurrentRouteName(e){return this.#e("setCurrentRouteName",e)}interaction(){return this.#e("interaction")}wrapLogger(e,t,r){return this.#e("wrapLogger",e,t,r)}}var a=i(860),s=i(9417);const c=Object.values(a.K7);function u(e){const t={};return c.forEach((r=>{t[r]=function(e,t){return!0===(0,s.gD)(t,"".concat(e,".enabled"))}(r,e)})),t}var d=i(7603);var l=i(1687),f=i(4234),g=i(5289),p=i(6154),h=i(384);const v=e=>p.RI&&!0===(0,s.gD)(e,"privacy.cookies_enabled");function m(e){return!!(0,h.dV)().o.MO&&v(e)&&!0===(0,s.gD)(e,"session_trace.enabled")}var b=i(6389);class y extends f.W{constructor(e,t,r=!0){super(e.agentIdentifier,t),this.auto=r,this.abortHandler=void 0,this.featAggregate=void 0,this.onAggregateImported=void 0,!1===e.init[this.featureName].autoStart&&(this.auto=!1),this.auto?(0,l.Ak)(e.agentIdentifier,t):this.ee.on("manual-start-all",(0,b.J)((()=>{(0,l.Ak)(e.agentIdentifier,this.featureName),this.auto=!0,this.importAggregator(e)})))}importAggregator(t,r={}){if(this.featAggregate||!this.auto)return;let n;this.onAggregateImported=new Promise((e=>{n=e}));const o=async()=>{let o;try{if(v(this.agentIdentifier)){const{setupAgentSession:e}=await i.e(296).then(i.bind(i,3861));o=e(t)}}catch(t){(0,e.R)(20,t),this.ee.emit("internal-error",[t]),this.featureName===a.K7.sessionReplay&&this.abortHandler?.()}try{if(t.sharedAggregator)await t.sharedAggregator;else{t.sharedAggregator=i.e(296).then(i.bind(i,9337));const{EventAggregator:e}=await t.sharedAggregator;t.sharedAggregator=new e}if(!this.#t(this.featureName,o))return(0,l.Ze)(this.agentIdentifier,this.featureName),void n(!1);const{lazyFeatureLoader:e}=await i.e(296).then(i.bind(i,6103)),{Aggregate:a}=await e(this.featureName,"aggregate");this.featAggregate=new a(t,r),n(!0)}catch(t){(0,e.R)(34,t),this.abortHandler?.(),(0,l.Ze)(this.agentIdentifier,this.featureName,!0),n(!1),this.ee&&this.ee.abort()}};p.RI?(0,g.GG)((()=>o()),!0):o()}#t(e,t){switch(e){case a.K7.sessionReplay:return m(this.agentIdentifier)&&!!t;case a.K7.sessionTrace:return!!t;default:return!0}}}var w=i(6630);class A extends y{static featureName=w.T;constructor(e,t=!0){super(e,w.T,t),this.importAggregator(e)}}var R=i(9908),E=i(2843),x=i(3878),_=i(782),N=i(1863);class T extends y{static featureName=_.T;constructor(e,t=!0){super(e,_.T,t),p.RI&&((0,E.u)((()=>(0,R.p)("docHidden",[(0,N.t)()],void 0,_.T,this.ee)),!0),(0,x.sp)("pagehide",(()=>(0,R.p)("winPagehide",[(0,N.t)()],void 0,_.T,this.ee))),this.importAggregator(e))}}var S=i(3969);class j extends y{static featureName=S.TZ;constructor(e,t=!0){super(e,S.TZ,t),this.importAggregator(e)}}new class extends o{constructor(t,r){super(r),p.gm?(this.features={},(0,h.bQ)(this.agentIdentifier,this),this.desiredFeatures=new Set(t.features||[]),this.desiredFeatures.add(A),this.runSoftNavOverSpa=[...this.desiredFeatures].some((e=>e.featureName===a.K7.softNav)),(0,d.j)(this,t,t.loaderType||"agent"),this.run()):(0,e.R)(21)}get config(){return{info:this.info,init:this.init,loader_config:this.loader_config,runtime:this.runtime}}run(){try{const t=u(this.agentIdentifier),r=[...this.desiredFeatures];r.sort(((e,t)=>a.P3[e.featureName]-a.P3[t.featureName])),r.forEach((r=>{if(!t[r.featureName]&&r.featureName!==a.K7.pageViewEvent)return;if(this.runSoftNavOverSpa&&r.featureName===a.K7.spa)return;if(!this.runSoftNavOverSpa&&r.featureName===a.K7.softNav)return;const n=function(e){switch(e){case a.K7.ajax:return[a.K7.jserrors];case a.K7.sessionTrace:return[a.K7.ajax,a.K7.pageViewEvent];case a.K7.sessionReplay:return[a.K7.sessionTrace];case a.K7.pageViewTiming:return[a.K7.pageViewEvent];default:return[]}}(r.featureName).filter((e=>!(e in this.features)));n.length>0&&(0,e.R)(36,{targetFeature:r.featureName,missingDependencies:n}),this.features[r.featureName]=new r(this)}))}catch(t){(0,e.R)(22,t);for(const e in this.features)this.features[e].abortHandler?.();const r=(0,h.Zm)();delete r.initializedAgents[this.agentIdentifier]?.api,delete r.initializedAgents[this.agentIdentifier]?.features,delete this.sharedAggregator;return r.ee.get(this.agentIdentifier).abort(),!1}}}({features:[A,T,j],loaderType:"lite"})})()})();</script><link data-next-font="size-adjust" rel="preconnect" href="/" crossorigin="anonymous"/><link nonce="nonce-MGZiM2NkMTktM2E5ZC00YmRkLWEyOWEtZGIzY2RjN2UxZjMx" rel="preload" href="/_next/static/css/ffa80ed36c27c549.css" as="style"/><link nonce="nonce-MGZiM2NkMTktM2E5ZC00YmRkLWEyOWEtZGIzY2RjN2UxZjMx" rel="stylesheet" href="/_next/static/css/ffa80ed36c27c549.css" data-n-g=""/><noscript data-n-css="nonce-MGZiM2NkMTktM2E5ZC00YmRkLWEyOWEtZGIzY2RjN2UxZjMx"></noscript><script defer="" nonce="nonce-MGZiM2NkMTktM2E5ZC00YmRkLWEyOWEtZGIzY2RjN2UxZjMx" nomodule="" src="/_next/static/chunks/polyfills-78c92fac7aa8fdd8.js"></script><script src="/_next/static/chunks/webpack-a707e99c69361791.js" nonce="nonce-MGZiM2NkMTktM2E5ZC00YmRkLWEyOWEtZGIzY2RjN2UxZjMx" defer=""></script><script src="/_next/static/chunks/framework-b0ec748c7a4c483a.js" nonce="nonce-MGZiM2NkMTktM2E5ZC00YmRkLWEyOWEtZGIzY2RjN2UxZjMx" defer=""></script><script src="/_next/static/chunks/main-dbb03be72fb978ea.js" nonce="nonce-MGZiM2NkMTktM2E5ZC00YmRkLWEyOWEtZGIzY2RjN2UxZjMx" defer=""></script><script src="/_next/static/chunks/pages/_app-db8f48fde056b518.js" nonce="nonce-MGZiM2NkMTktM2E5ZC00YmRkLWEyOWEtZGIzY2RjN2UxZjMx" defer=""></script><script src="/_next/static/chunks/9177-dfdc6421d8bd40ea.js" nonce="nonce-MGZiM2NkMTktM2E5ZC00YmRkLWEyOWEtZGIzY2RjN2UxZjMx" defer=""></script><script src="/_next/static/chunks/pages/plugins/%5Btype%5D/families/%5Bfamily%5D-f765c4b37fa0da30.js" nonce="nonce-MGZiM2NkMTktM2E5ZC00YmRkLWEyOWEtZGIzY2RjN2UxZjMx" defer=""></script><script src="/_next/static/l4vcnKDxIXiOkUtvMoFnX/_buildManifest.js" nonce="nonce-MGZiM2NkMTktM2E5ZC00YmRkLWEyOWEtZGIzY2RjN2UxZjMx" defer=""></script><script src="/_next/static/l4vcnKDxIXiOkUtvMoFnX/_ssgManifest.js" nonce="nonce-MGZiM2NkMTktM2E5ZC00YmRkLWEyOWEtZGIzY2RjN2UxZjMx" defer=""></script></head><body data-base-url="https://www.tenable.com" data-ga4-tracking-id=""><div id="__next"><div class="app__wrapper"><header class="banner"><div class="nav-wrapper"><ul class="list-inline nav-brand"><li class="list-inline-item"><a href="https://www.tenable.com"><img class="logo" src="https://www.tenable.com/themes/custom/tenable/img/logo.png" alt="Tenable"/></a></li><li class="list-inline-item"><a class="app-name" href="https://www.tenable.com/plugins">Plugins</a></li></ul><ul class="nav-dropdown nav"><li class="d-none d-md-block dropdown nav-item"><a aria-haspopup="true" href="#" class="dropdown-toggle nav-link" aria-expanded="false">Settings</a><div tabindex="-1" role="menu" aria-hidden="true" class="dropdown-menu dropdown-menu-right"><h6 tabindex="-1" class="dropdown-header">Links</h6><a href="https://cloud.tenable.com" role="menuitem" class="dropdown-item">Tenable Cloud<!-- --> <i class="fas fa-external-link-alt external-link"></i></a><a href="https://community.tenable.com/login" role="menuitem" class="dropdown-item">Tenable Community & Support<!-- --> <i class="fas fa-external-link-alt external-link"></i></a><a href="https://university.tenable.com/lms/index.php?r=site/sso&sso_type=saml" role="menuitem" class="dropdown-item">Tenable University<!-- --> <i class="fas fa-external-link-alt external-link"></i></a><div tabindex="-1" class="dropdown-divider"></div><span tabindex="-1" class="dropdown-item-text"><div class="d-flex justify-content-between toggle-btn-group flex-column"><div class="label mb-2">Severity<!-- --> <i class="fas fa-info-circle" id="preferredSeverity"></i></div><div role="group" class="btn-group-sm btn-group"><button type="button" class="toggle-btn btn btn-outline-primary">VPR</button><button type="button" class="toggle-btn btn btn-outline-primary">CVSS v2</button><button type="button" class="toggle-btn btn btn-outline-primary">CVSS v3</button><button type="button" class="toggle-btn btn btn-outline-primary active">CVSS v4</button></div></div></span><div tabindex="-1" class="dropdown-divider"></div><span tabindex="-1" class="dropdown-item-text"><div class="d-flex justify-content-between toggle-btn-group flex-row"><div class="label">Theme</div><div role="group" class="ml-3 btn-group-sm btn-group"><button type="button" class="toggle-btn btn btn-outline-primary active">Light</button><button type="button" class="toggle-btn btn btn-outline-primary">Dark</button><button type="button" class="toggle-btn btn btn-outline-primary">Auto</button></div></div></span><div tabindex="-1" class="dropdown-divider"></div><button type="button" tabindex="0" role="menuitem" class="dropdown-item-link dropdown-item">Help</button></div></li></ul><div class="d-block d-md-none"><button type="button" aria-label="Toggle Overlay" class="btn btn-link nav-toggle"><i class="fas fa-bars fa-2x"></i></button></div></div></header><div class="mobile-nav closed"><ul class="flex-column nav"><li class="mobile-header nav-item"><a href="https://www.tenable.com" class="float-left nav-link"><img class="logo" src="https://www.tenable.com/themes/custom/tenable/img/logo-teal.png" alt="Tenable"/></a><a class="float-right mr-2 nav-link"><i class="fas fa-times fa-lg"></i></a></li><li class="nav-item"><a class="nav-link">Plugins<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/pipeline">Plugins Pipeline</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/newest">Newest</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/updated">Updated</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/search">Search</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/nessus/families?type=nessus">Nessus Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/was/families?type=was">WAS Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/nnm/families?type=nnm">NNM Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/lce/families?type=lce">LCE Families</a></li><li class="no-capitalize nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/ot/families?type=ot">Tenable OT Security Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/families/about">About Plugin Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/release-notes">Release Notes</a></li></div></div><li class="nav-item"><a class="nav-link">Audits<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/newest">Newest</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/updated">Updated</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/search">Search Audit Files</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/items/search">Search Items</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/references">References</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/authorities">Authorities</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/documentation">Documentation</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/downloads/download-all-compliance-audit-files">Download All Audit Files</a></li></div></div><li class="nav-item"><a class="nav-link">Indicators<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/indicators">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/indicators/search">Search</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/indicators/ioa">Indicators of Attack</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/indicators/ioe">Indicators of Exposure</a></li></div></div><li class="nav-item"><a class="nav-link">CVEs<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/cve">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/cve/newest">Newest</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/cve/updated">Updated</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/cve/search">Search</a></li></div></div><li class="nav-item"><a class="nav-link">Attack Path Techniques<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/attack-path-techniques">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/attack-path-techniques/search">Search</a></li></div></div><ul id="links-nav" class="flex-column mt-5 nav"><li class="nav-item"><a class="nav-link">Links<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a href="https://cloud.tenable.com" class="nav-link">Tenable Cloud</a></li><li class="nav-item"><a href="https://community.tenable.com/login" class="nav-link">Tenable Community & Support</a></li><li class="nav-item"><a href="https://university.tenable.com/lms/index.php?r=site/sso&sso_type=saml" class="nav-link">Tenable University</a></li></div></div><li class="nav-item"><a class="nav-link">Settings<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse py-3"><li class="nav-item"><div class="d-flex justify-content-between toggle-btn-group flex-column"><div class="label mb-2">Severity</div><div role="group" class="btn-group-sm btn-group"><button type="button" class="toggle-btn btn btn-outline-primary">VPR</button><button type="button" class="toggle-btn btn btn-outline-primary">CVSS v2</button><button type="button" class="toggle-btn btn btn-outline-primary">CVSS v3</button><button type="button" class="toggle-btn btn btn-outline-primary active">CVSS v4</button></div></div></li><li class="nav-item"><div class="d-flex justify-content-between toggle-btn-group flex-row"><div class="label">Theme</div><div role="group" class="ml-3 btn-group-sm btn-group"><button type="button" class="toggle-btn btn btn-outline-primary active">Light</button><button type="button" class="toggle-btn btn btn-outline-primary">Dark</button><button type="button" class="toggle-btn btn btn-outline-primary">Auto</button></div></div></li></div></div></ul></ul></div><div class="app__container"><div class="app__content"><div class="card callout callout-alert callout-bg-danger mb-4"><div class="card-body"><h5 class="mb-2 text-white">Your browser is no longer supported</h5><p class="text-white">Please update or use another browser for this application to function correctly.</p></div></div><div class="row"><div class="col-3 col-xl-2 d-none d-md-block"><h6 class="side-nav-heading">Detections</h6><ul class="side-nav bg-white sticky-top nav flex-column"><li class="nav-item"><a type="button" class="nav-link">Plugins<i class="float-right mt-1 fas fa-chevron-down"></i></a></li><div class="side-nav-collapse collapse show"><li class="false nav-item"><a href="/plugins" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/plugins/pipeline" class="nav-link"><span>Plugins Pipeline</span></a></li><li class="false nav-item"><a href="/plugins/release-notes" class="nav-link"><span>Release Notes</span></a></li><li class="false nav-item"><a href="/plugins/newest" class="nav-link"><span>Newest</span></a></li><li class="false nav-item"><a href="/plugins/updated" class="nav-link"><span>Updated</span></a></li><li class="false nav-item"><a href="/plugins/search" class="nav-link"><span>Search</span></a></li><li class="false nav-item"><a href="/plugins/nessus/families" class="nav-link"><span>Nessus Families</span></a></li><li class="false nav-item"><a href="/plugins/was/families" class="nav-link"><span>WAS Families</span></a></li><li class="false nav-item"><a href="/plugins/nnm/families" class="nav-link"><span>NNM Families</span></a></li><li class="false nav-item"><a href="/plugins/lce/families" class="nav-link"><span>LCE Families</span></a></li><li class="false nav-item"><a href="/plugins/ot/families" class="nav-link"><span>Tenable OT Security Families</span></a></li><li class="false nav-item"><a href="/plugins/families/about" class="nav-link"><span>About Plugin Families</span></a></li></div><li class="nav-item"><a type="button" class="nav-link">Audits<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="side-nav-collapse collapse"><li class="false nav-item"><a href="/audits" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/audits/newest" class="nav-link"><span>Newest</span></a></li><li class="false nav-item"><a href="/audits/updated" class="nav-link"><span>Updated</span></a></li><li class="false nav-item"><a href="/audits/search" class="nav-link"><span>Search Audit Files</span></a></li><li class="false nav-item"><a href="/audits/items/search" class="nav-link"><span>Search Items</span></a></li><li class="false nav-item"><a href="/audits/references" class="nav-link"><span>References</span></a></li><li class="false nav-item"><a href="/audits/authorities" class="nav-link"><span>Authorities</span></a></li><li class="false nav-item"><a href="/audits/documentation" class="nav-link"><span>Documentation</span></a></li><li class="nav-item"><a class="nav-link" href="https://www.tenable.com/downloads/download-all-compliance-audit-files">Download All Audit Files</a></li></div><li class="nav-item"><a type="button" class="nav-link">Indicators<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="side-nav-collapse collapse"><li class="false nav-item"><a href="/indicators" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/indicators/search" class="nav-link"><span>Search</span></a></li><li class="false nav-item"><a href="/indicators/ioa" class="nav-link"><span>Indicators of Attack</span></a></li><li class="false nav-item"><a href="/indicators/ioe" class="nav-link"><span>Indicators of Exposure</span></a></li></div></ul><h6 class="side-nav-heading">Analytics</h6><ul class="side-nav bg-white sticky-top nav flex-column"><li class="nav-item"><a type="button" class="nav-link">CVEs<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="side-nav-collapse collapse"><li class="false nav-item"><a href="/cve" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/cve/newest" class="nav-link"><span>Newest</span></a></li><li class="false nav-item"><a href="/cve/updated" class="nav-link"><span>Updated</span></a></li><li class="false nav-item"><a href="/cve/search" class="nav-link"><span>Search</span></a></li></div><li class="nav-item"><a type="button" class="nav-link">Attack Path Techniques<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="side-nav-collapse collapse"><li class="false nav-item"><a href="/attack-path-techniques" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/attack-path-techniques/search" class="nav-link"><span>Search</span></a></li></div></ul></div><div class="col-12 col-md-9 col-xl-10"><h1 class="mb-3 h2">Windows Family for Nessus</h1><nav class="d-none d-md-block" aria-label="breadcrumb"><ol class="breadcrumb"><li class="breadcrumb-item"><a href="https://www.tenable.com/plugins">Plugins</a></li><li class="breadcrumb-item"><a href="https://www.tenable.com/plugins/nessus/families?type=nessus">Nessus Plugin Families</a></li><li class="active breadcrumb-item" aria-current="page">Windows</li></ol></nav><nav class="d-md-none" aria-label="breadcrumb"><ol class="breadcrumb"><li class="breadcrumb-item"><a href="https://www.tenable.com/plugins/nessus/families?type=nessus"><i class="fas fa-chevron-left"></i> <!-- -->Nessus Plugin Families</a></li></ol></nav><div class="card"><div class="p-3 card-body"><nav class="" aria-label="pagination"><ul class="justify-content-between pagination pagination"><li class="page-item disabled"><a class="page-link page-previous" href="https://www.tenable.com/plugins/nessus/families/Windows?page=0">‹‹ <!-- -->Previous<span class="sr-only"> <!-- -->Previous</span></a></li><li class="page-item disabled"><a class="page-link page-text">Page 1 of 144<!-- --> <span class="d-none d-sm-inline">• <!-- -->7164 Total</span></a></li><li class="page-item"><a class="page-link page-next" href="https://www.tenable.com/plugins/nessus/families/Windows?page=2"><span class="sr-only">Next</span>Next<!-- --> ››</a></li></ul></nav><div class="table-responsive"><table class="results-table table"><thead><tr><th>ID</th><th>Name</th><th>Severity</th></tr></thead><tbody><tr><td><a href="https://www.tenable.com/plugins/nessus/211905">211905</a></td><td>Veeam Backup and Replication 10.x < 12.2.0.334 Authentication Bypass (November 2024) (KB4682)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211877">211877</a></td><td>Mozilla Firefox ESR < 128.5</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211875">211875</a></td><td>Mozilla Firefox ESR < 115.18</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211872">211872</a></td><td>Mozilla Firefox < 133.0</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211871">211871</a></td><td>Mozilla Thunderbird < 128.5</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211868">211868</a></td><td>Mozilla Thunderbird < 133.0</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211854">211854</a></td><td>Zscaler Client Connector Installed (Windows)</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211853">211853</a></td><td>Trend Micro Apex One Multiple Vulnerabilities (KA-0016669)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211852">211852</a></td><td>DuckDB Installed (Windows)</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211821">211821</a></td><td>Trend Micro InterScan Web Security Virtual Appliance (IWSVA) XSS (KA-0016722)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211730">211730</a></td><td>Atlassian SourceTree 3.4.19 RCE</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211728">211728</a></td><td>Rockwell Automation FactoryTalk Updater Installed (Windows)</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211727">211727</a></td><td>Rockwell Automation FactoryTalk Updater Agent < 4.20.00 Privilege Escalation</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211726">211726</a></td><td>Rockwell Automation FactoryTalk Updater Client 4.20.00 RCE</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211725">211725</a></td><td>7-Zip < 24.07 RCE (ZDI-24-1532)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211720">211720</a></td><td>Microsoft Edge (Chromium) < 131.0.2903.63 Multiple Vulnerabilities</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211713">211713</a></td><td>Adobe InDesign < 19.5.1 / 20.0.0 < 20.0.1 Memory leak (APSB24-91)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211690">211690</a></td><td>Intel oneAPI Base Toolkit < 2024.2.0 Multiple Vulnerabilities</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211673">211673</a></td><td>Telerik UI for WPF < 2024.4.1111 Unsafe Deserialization</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211672">211672</a></td><td>Progress Telerik UI for WinForms < 2024.4.1113 Unsafe Deserialization</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211657">211657</a></td><td>Wireshark 4.2.x < 4.2.9 Multiple Vulnerabilities</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211652">211652</a></td><td>Adobe Lightroom Classic < 13.5.1 Memory leak (APSB24-78)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211635">211635</a></td><td>ManageEngine ADAudit Plus < Build 8123 SQLi (CVE-2024-49574)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211632">211632</a></td><td>JetBrains WebStorm Installed (Windows)</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211591">211591</a></td><td>Trend Micro Deep Security Agent Local Privilege Escalation (KA-0016724)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211583">211583</a></td><td>Google Chrome < 131.0.6778.85 Vulnerability</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211470">211470</a></td><td>Python Improper Validation SSRF (CVE-2024-11168)</td><td><h6 class="m-1"><span class="badge badge-low">low</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211458">211458</a></td><td>Ivanti Endpoint Manager 2024 - November 2024 Security Update</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211457">211457</a></td><td>Ivanti Endpoint Manager 2024 - November 2024 Security Update</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211449">211449</a></td><td>Beckhoff TwinCAT Package Manager Security Advisory 2024-005</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211448">211448</a></td><td>Beckhoff TwinCAT Package Manager Installed (Windows)</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211447">211447</a></td><td>Siemens Solid Edge Installed (Windows)</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211446">211446</a></td><td>Siemens Solid Edge SSA-351178 Multiple Vulnerabilities</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211402">211402</a></td><td>Microsoft Edge (Chromium) < 131.0.2903.48 Multiple Vulnerabilities</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211399">211399</a></td><td>ManageEngine Endpoint Central < 11.3.2416.22 , 11.3.2428.x < 11.3.2428.10, 11.3.2435.x < 11.3.2435.1 Arbitrary File Deletion vulnerability</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211398">211398</a></td><td>Security Update for Microsoft Visual Studio Code Python Extension (November 2024)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/211397">211397</a></td><td>Security Update for Microsoft Visual Studio Code Remote SSH Extension (November 2024)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/210958">210958</a></td><td>Citrix Virtual Apps and Desktops Session Recording Multiple Vulnerabilities (CTX691941)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/210946">210946</a></td><td>Artifex Ghostscript < 10.04.0 Multiple Vulnerabilities</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/210899">210899</a></td><td>Mozilla Thunderbird < 132.0.1</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/210896">210896</a></td><td>Mozilla Thunderbird < 128.4.3</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/210877">210877</a></td><td>Fortinet FortiClient Online Installer DLL Hijacking (FG-IR-24-205)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/210876">210876</a></td><td>Fortinet FortiClient Privilege escalation via lua auto patch function (FG-IR-24-144)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/210873">210873</a></td><td>Fortinet FortiClient Named Pipes Improper Access Control (FG-IR-24-199)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/210867">210867</a></td><td>Security Update for Microsoft .NET Core SDK (November 2024)</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/210849">210849</a></td><td>Adobe Bridge < 14.1.3 Multiple Vulnerabilities (APSB24-77)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/210846">210846</a></td><td>Adobe After Effects < 24.6.3 Multiple Vulnerabilities (APSB24-85)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/210845">210845</a></td><td>Adobe Audition < 24.6.3 Memory leak (APSB24-83)</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/210778">210778</a></td><td>Google Chrome < 131.0.6778.69 Multiple Vulnerabilities</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a href="https://www.tenable.com/plugins/nessus/210773">210773</a></td><td>Adobe Illustrator < 28.7.2 Multiple Vulnerabilities (APSB24-87)</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr></tbody></table></div><nav class="" aria-label="pagination"><ul class="justify-content-between pagination pagination"><li class="page-item disabled"><a class="page-link page-previous" href="https://www.tenable.com/plugins/nessus/families/Windows?page=0">‹‹ <!-- -->Previous<span class="sr-only"> <!-- -->Previous</span></a></li><li class="page-item disabled"><a class="page-link page-text">Page 1 of 144<!-- --> <span class="d-none d-sm-inline">• <!-- -->7164 Total</span></a></li><li class="page-item"><a class="page-link page-next" href="https://www.tenable.com/plugins/nessus/families/Windows?page=2"><span class="sr-only">Next</span>Next<!-- --> ››</a></li></ul></nav></div></div></div></div></div></div><footer class="footer"><div class="container"><ul class="footer-nav"><li class="footer-nav-item"><a href="https://www.tenable.com/">Tenable.com</a></li><li class="footer-nav-item"><a href="https://community.tenable.com">Community & Support</a></li><li class="footer-nav-item"><a href="https://docs.tenable.com">Documentation</a></li><li class="footer-nav-item"><a href="https://university.tenable.com">Education</a></li></ul><ul class="footer-nav footer-nav-secondary"><li class="footer-nav-item">© <!-- -->2024<!-- --> <!-- -->Tenable®, Inc. All Rights Reserved</li><li class="footer-nav-item"><a href="https://www.tenable.com/privacy-policy">Privacy Policy</a></li><li class="footer-nav-item"><a href="https://www.tenable.com/legal">Legal</a></li><li class="footer-nav-item"><a href="https://www.tenable.com/section-508-voluntary-product-accessibility">508 Compliance</a></li></ul></div></footer><div class="Toastify"></div></div></div><script id="__NEXT_DATA__" type="application/json" nonce="nonce-MGZiM2NkMTktM2E5ZC00YmRkLWEyOWEtZGIzY2RjN2UxZjMx">{"props":{"pageProps":{"plugins":[{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211905","_score":null,"_source":{"plugin_modification_date":"2024-11-27T00:00:00","references":[{"id_type":"cve","id":"CVE-2024-40715","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40715"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.veeam.com/kb4649"}],"thorough_tests":true,"description":"The version of Veeam Backup and Replication installed on the remote Windows host is prior to 12.2.0.334. It is, therefore, affected by an authentication bypass vulnerability. Attackers must be able to perform Man-in-the-Middle (MITM) attack to exploit this vulnerability. \n\nNote that Nessus has not tested for this issues but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"211905","available_languages":["en_US"],"synopsis":"The version of Veeam Backup and Replication installed on the remote Windows host is affected by an authentication bypass.","script_name":"Veeam Backup and Replication 10.x \u003c 12.2.0.334 Authentication Bypass (November 2024) (KB4682)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Veeam Backup and Replication version 12.2.0.334 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-27T00:00:00","cvss":{"cvssv3_score":7.7,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:P","cvssv3_temporal_score":null,"rating":null,"cvssv2_vector_base":"AV:N/AC:H/Au:N/C:C/I:C/A:P","cvssv3_vector_base":"AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L","cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.3,"cvssv3_temporal_vector_base":null,"cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"6.3","script_family":"Windows","xrefs":{},"pluginPublicationDate":"11/27/2024","pluginModificationDate":"11/27/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":["pluginDetailsConfigurationThoroughTests"],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1732665600000,"211905"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211877","_score":null,"_source":{"plugin_modification_date":"2024-11-26T00:00:00","references":[{"id_type":"cve","id":"CVE-2024-11691","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11691"},{"id_type":"cve","id":"CVE-2024-11692","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11692"},{"id_type":"cve","id":"CVE-2024-11693","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11693"},{"id_type":"cve","id":"CVE-2024-11694","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11694"},{"id_type":"cve","id":"CVE-2024-11695","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11695"},{"id_type":"cve","id":"CVE-2024-11696","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11696"},{"id_type":"cve","id":"CVE-2024-11697","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11697"},{"id_type":"cve","id":"CVE-2024-11698","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11698"},{"id_type":"cve","id":"CVE-2024-11699","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11699"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64/"}],"description":"The version of Firefox ESR installed on the remote Windows host is prior to 128.5. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-64 advisory.\n\n - Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. This bug only affected the application on Apple M series hardware. Other platforms were unaffected. (CVE-2024-11691)\n\n - An attacker could cause a select dropdown to be shown over another tab; this could have led to user confusion and possible spoofing attacks. (CVE-2024-11692)\n\n - The executable file warning was not presented when downloading .library-ms files. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. (CVE-2024-11693)\n\n - Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP `frame-src` bypass and DOM-based XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could have exposed users to malicious frames masquerading as legitimate content. (CVE-2024-11694)\n\n - A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack. (CVE-2024-11695)\n\n - The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime errors that disrupted the signature validation process. As a result, the enforcement of signature validation for unrelated add-ons may have been bypassed. Signature validation in this context is used to ensure that third-party applications on the user's computer have not tampered with the user's extensions, limiting the impact of this issue. (CVE-2024-11696)\n\n - When handling keypress events, an attacker may have been able to trick a user into bypassing the Open Executable File? confirmation dialog. This could have led to malicious code execution. (CVE-2024-11697)\n\n - A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal dialog was opened during the transition. This issue left users unable to exit fullscreen mode using standard actions like pressing Esc or accessing right-click menus, resulting in a disrupted browsing experience until the browser is restarted. This bug only affects the application when running on macOS. Other operating systems are unaffected. (CVE-2024-11698)\n\n - Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2024-11699)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"211877","available_languages":["en_US"],"synopsis":"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.","script_name":"Mozilla Firefox ESR \u003c 128.5","language_code":"en_US","supported_sensors":[{"label":"Frictionless Assessment AWS","value":"fa_aws"},{"label":"Frictionless Assessment Azure","value":"fa_azure"},{"label":"Frictionless Assessment Agent","value":"fa_agent"},{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Mozilla Firefox ESR version 128.5 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-26T00:00:00","cvss":{"cvssv3_score":6.1,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N","cvssv3_temporal_score":5.3,"rating":null,"cvssv2_vector_base":"AV:N/AC:M/Au:N/C:N/I:P/A:N","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvssv4_vector":null,"cvssv2_temporal_score":3.2,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.3,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Windows","xrefs":{},"pluginPublicationDate":"11/26/2024","pluginModificationDate":"11/26/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1732579200000,"211877"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211875","_score":null,"_source":{"plugin_modification_date":"2024-11-26T00:00:00","references":[{"id_type":"cve","id":"CVE-2024-11691","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11691"},{"id_type":"cve","id":"CVE-2024-11694","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11694"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-65/"}],"description":"The version of Firefox ESR installed on the remote Windows host is prior to 115.18. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-65 advisory.\n\n - Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. This bug only affected the application on Apple M series hardware. Other platforms were unaffected. (CVE-2024-11691)\n\n - Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP `frame-src` bypass and DOM-based XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could have exposed users to malicious frames masquerading as legitimate content. (CVE-2024-11694)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"211875","available_languages":["en_US"],"synopsis":"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.","script_name":"Mozilla Firefox ESR \u003c 115.18","language_code":"en_US","supported_sensors":[{"label":"Frictionless Assessment AWS","value":"fa_aws"},{"label":"Frictionless Assessment Azure","value":"fa_azure"},{"label":"Frictionless Assessment Agent","value":"fa_agent"},{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Mozilla Firefox ESR version 115.18 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-26T00:00:00","cvss":{"cvssv3_score":6.1,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N","cvssv3_temporal_score":5.3,"rating":null,"cvssv2_vector_base":"AV:N/AC:M/Au:N/C:N/I:P/A:N","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvssv4_vector":null,"cvssv2_temporal_score":3.2,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.3,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Windows","xrefs":{},"pluginPublicationDate":"11/26/2024","pluginModificationDate":"11/26/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1732579200000,"211875"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211872","_score":null,"_source":{"plugin_modification_date":"2024-11-27T00:00:00","references":[{"id_type":"cve","id":"CVE-2024-11691","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11691"},{"id_type":"cve","id":"CVE-2024-11692","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11692"},{"id_type":"cve","id":"CVE-2024-11693","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11693"},{"id_type":"cve","id":"CVE-2024-11694","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11694"},{"id_type":"cve","id":"CVE-2024-11695","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11695"},{"id_type":"cve","id":"CVE-2024-11696","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11696"},{"id_type":"cve","id":"CVE-2024-11697","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11697"},{"id_type":"cve","id":"CVE-2024-11698","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11698"},{"id_type":"cve","id":"CVE-2024-11699","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11699"},{"id_type":"cve","id":"CVE-2024-11700","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11700"},{"id_type":"cve","id":"CVE-2024-11701","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11701"},{"id_type":"cve","id":"CVE-2024-11702","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11702"},{"id_type":"cve","id":"CVE-2024-11703","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11703"},{"id_type":"cve","id":"CVE-2024-11704","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11704"},{"id_type":"cve","id":"CVE-2024-11705","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11705"},{"id_type":"cve","id":"CVE-2024-11706","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11706"},{"id_type":"cve","id":"CVE-2024-11708","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11708"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63/"}],"description":"The version of Firefox installed on the remote Windows host is prior to 133.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-63 advisory.\n\n - Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. This bug only affected the application on Apple M series hardware. Other platforms were unaffected. (CVE-2024-11691)\n\n - Malicious websites may have been able to user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities. (CVE-2024-11700)\n\n - An attacker could cause a select dropdown to be shown over another tab; this could have led to user confusion and possible spoofing attacks. (CVE-2024-11692)\n\n - The incorrect domain may have been displayed in the address bar during an interrupted navigation attempt.\n This could have led to user confusion and possible spoofing attacks. (CVE-2024-11701)\n\n - Copying sensitive information from Private Browsing tabs on Android, such as passwords, may have inadvertently stored data in the cloud-based clipboard history if enabled. (CVE-2024-11702)\n\n - The executable file warning was not presented when downloading .library-ms files. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. (CVE-2024-11693)\n\n - Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP `frame-src` bypass and DOM-based XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could have exposed users to malicious frames masquerading as legitimate content. (CVE-2024-11694)\n\n - A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack. (CVE-2024-11695)\n\n - On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication. (CVE-2024-11703)\n\n - The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime errors that disrupted the signature validation process. As a result, the enforcement of signature validation for unrelated add-ons may have been bypassed. Signature validation in this context is used to ensure that third-party applications on the user's computer have not tampered with the user's extensions, limiting the impact of this issue. (CVE-2024-11696)\n\n - When handling keypress events, an attacker may have been able to trick a user into bypassing the Open Executable File? confirmation dialog. This could have led to malicious code execution. (CVE-2024-11697)\n\n - A double-free issue could have occurred in `secpkcs7decoderstartdecrypt()` when handling an error path.\n Under specific conditions, the same symmetric key could have been freed twice, potentially leading to memory corruption. (CVE-2024-11704)\n\n - A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal dialog was opened during the transition. This issue left users unable to exit fullscreen mode using standard actions like pressing Esc or accessing right-click menus, resulting in a disrupted browsing experience until the browser is restarted. This bug only affects the application when running on macOS. Other operating systems are unaffected. (CVE-2024-11698)\n\n - \u003ccode\u003eNSCDeriveKey\u003c/code\u003e inadvertently assumed that the \u003ccode\u003ephKey\u003c/code\u003e parameter is always non-NULL.\n When it was passed as NULL, a segmentation fault (SEGV) occurred, leading to crashes. This behavior conflicted with the PKCS#11 v3.0 specification, which allows \u003ccode\u003ephKey\u003c/code\u003e to be NULL for certain mechanisms. (CVE-2024-11705)\n\n - A null pointer dereference may have inadvertently occurred in `pk12util`, and specifically in the \u003ccode\u003eSECASN1DecodeItemUtil\u003c/code\u003e function, when handling malformed or improperly formatted input files.\n (CVE-2024-11706)\n\n - Missing thread synchronization primitives could have led to a data race on members of the PlaybackParams structure. (CVE-2024-11708)\n\n - Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2024-11699)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"211872","available_languages":["en_US"],"synopsis":"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.","script_name":"Mozilla Firefox \u003c 133.0","language_code":"en_US","supported_sensors":[{"label":"Frictionless Assessment AWS","value":"fa_aws"},{"label":"Frictionless Assessment Azure","value":"fa_azure"},{"label":"Frictionless Assessment Agent","value":"fa_agent"},{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Mozilla Firefox version 133.0 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-26T00:00:00","cvss":{"cvssv3_score":6.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N","cvssv3_temporal_score":5.7,"rating":null,"cvssv2_vector_base":"AV:N/AC:M/Au:N/C:N/I:P/A:N","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3.2,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.3,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Windows","xrefs":{},"pluginPublicationDate":"11/26/2024","pluginModificationDate":"11/27/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1732579200000,"211872"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211871","_score":null,"_source":{"plugin_modification_date":"2024-11-26T00:00:00","references":[{"id_type":"cve","id":"CVE-2024-11691","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11691"},{"id_type":"cve","id":"CVE-2024-11692","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11692"},{"id_type":"cve","id":"CVE-2024-11693","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11693"},{"id_type":"cve","id":"CVE-2024-11694","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11694"},{"id_type":"cve","id":"CVE-2024-11695","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11695"},{"id_type":"cve","id":"CVE-2024-11696","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11696"},{"id_type":"cve","id":"CVE-2024-11697","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11697"},{"id_type":"cve","id":"CVE-2024-11698","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11698"},{"id_type":"cve","id":"CVE-2024-11699","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11699"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68/"}],"description":"The version of Thunderbird installed on the remote Windows host is prior to 128.5. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-68 advisory.\n\n - Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. This bug only affected the application on Apple M series hardware. Other platforms were unaffected. (CVE-2024-11691)\n\n - An attacker could cause a select dropdown to be shown over another tab; this could have led to user confusion and possible spoofing attacks. (CVE-2024-11692)\n\n - The executable file warning was not presented when downloading .library-ms files. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. (CVE-2024-11693)\n\n - Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP `frame-src` bypass and DOM-based XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could have exposed users to malicious frames masquerading as legitimate content. (CVE-2024-11694)\n\n - A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack. (CVE-2024-11695)\n\n - The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime errors that disrupted the signature validation process. As a result, the enforcement of signature validation for unrelated add-ons may have been bypassed. Signature validation in this context is used to ensure that third-party applications on the user's computer have not tampered with the user's extensions, limiting the impact of this issue. (CVE-2024-11696)\n\n - When handling keypress events, an attacker may have been able to trick a user into bypassing the Open Executable File? confirmation dialog. This could have led to malicious code execution. (CVE-2024-11697)\n\n - A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal dialog was opened during the transition. This issue left users unable to exit fullscreen mode using standard actions like pressing Esc or accessing right-click menus, resulting in a disrupted browsing experience until the browser is restarted. This bug only affects the application when running on macOS. Other operating systems are unaffected. (CVE-2024-11698)\n\n - Memory safety bugs present in Firefox 132, Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2024-11699)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"211871","available_languages":["en_US"],"synopsis":"A mail client installed on the remote Windows host is affected by multiple vulnerabilities.","script_name":"Mozilla Thunderbird \u003c 128.5","language_code":"en_US","supported_sensors":[{"label":"Frictionless Assessment AWS","value":"fa_aws"},{"label":"Frictionless Assessment Azure","value":"fa_azure"},{"label":"Frictionless Assessment Agent","value":"fa_agent"},{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Mozilla Thunderbird version 128.5 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-26T00:00:00","cvss":{"cvssv3_score":6.1,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N","cvssv3_temporal_score":5.3,"rating":null,"cvssv2_vector_base":"AV:N/AC:M/Au:N/C:N/I:P/A:N","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvssv4_vector":null,"cvssv2_temporal_score":3.2,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.3,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Windows","xrefs":{},"pluginPublicationDate":"11/26/2024","pluginModificationDate":"11/26/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1732579200000,"211871"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211868","_score":null,"_source":{"plugin_modification_date":"2024-11-27T00:00:00","references":[{"id_type":"cve","id":"CVE-2024-11691","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11691"},{"id_type":"cve","id":"CVE-2024-11692","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11692"},{"id_type":"cve","id":"CVE-2024-11693","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11693"},{"id_type":"cve","id":"CVE-2024-11694","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11694"},{"id_type":"cve","id":"CVE-2024-11695","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11695"},{"id_type":"cve","id":"CVE-2024-11696","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11696"},{"id_type":"cve","id":"CVE-2024-11697","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11697"},{"id_type":"cve","id":"CVE-2024-11698","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11698"},{"id_type":"cve","id":"CVE-2024-11699","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11699"},{"id_type":"cve","id":"CVE-2024-11700","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11700"},{"id_type":"cve","id":"CVE-2024-11701","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11701"},{"id_type":"cve","id":"CVE-2024-11702","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11702"},{"id_type":"cve","id":"CVE-2024-11704","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11704"},{"id_type":"cve","id":"CVE-2024-11705","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11705"},{"id_type":"cve","id":"CVE-2024-11706","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11706"},{"id_type":"cve","id":"CVE-2024-11708","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11708"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67/"}],"description":"The version of Thunderbird installed on the remote Windows host is prior to 133.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-67 advisory.\n\n - Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. This bug only affected the application on Apple M series hardware. Other platforms were unaffected. (CVE-2024-11691)\n\n - Malicious websites may have been able to user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities. (CVE-2024-11700)\n\n - An attacker could cause a select dropdown to be shown over another tab; this could have led to user confusion and possible spoofing attacks. (CVE-2024-11692)\n\n - The incorrect domain may have been displayed in the address bar during an interrupted navigation attempt.\n This could have led to user confusion and possible spoofing attacks. (CVE-2024-11701)\n\n - Copying sensitive information from Private Browsing tabs on Android, such as passwords, may have inadvertently stored data in the cloud-based clipboard history if enabled. (CVE-2024-11702)\n\n - The executable file warning was not presented when downloading .library-ms files. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. (CVE-2024-11693)\n\n - Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP `frame-src` bypass and DOM-based XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could have exposed users to malicious frames masquerading as legitimate content. (CVE-2024-11694)\n\n - A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack. (CVE-2024-11695)\n\n - The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime errors that disrupted the signature validation process. As a result, the enforcement of signature validation for unrelated add-ons may have been bypassed. Signature validation in this context is used to ensure that third-party applications on the user's computer have not tampered with the user's extensions, limiting the impact of this issue. (CVE-2024-11696)\n\n - When handling keypress events, an attacker may have been able to trick a user into bypassing the Open Executable File? confirmation dialog. This could have led to malicious code execution. (CVE-2024-11697)\n\n - A double-free issue could have occurred in `secpkcs7decoderstartdecrypt()` when handling an error path.\n Under specific conditions, the same symmetric key could have been freed twice, potentially leading to memory corruption. (CVE-2024-11704)\n\n - A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal dialog was opened during the transition. This issue left users unable to exit fullscreen mode using standard actions like pressing Esc or accessing right-click menus, resulting in a disrupted browsing experience until the browser is restarted. This bug only affects the application when running on macOS. Other operating systems are unaffected. (CVE-2024-11698)\n\n - \u003ccode\u003eNSCDeriveKey\u003c/code\u003e inadvertently assumed that the \u003ccode\u003ephKey\u003c/code\u003e parameter is always non-NULL.\n When it was passed as NULL, a segmentation fault (SEGV) occurred, leading to crashes. This behavior conflicted with the PKCS#11 v3.0 specification, which allows \u003ccode\u003ephKey\u003c/code\u003e to be NULL for certain mechanisms. (CVE-2024-11705)\n\n - A null pointer dereference may have inadvertently occurred in `pk12util`, and specifically in the \u003ccode\u003eSECASN1DecodeItemUtil\u003c/code\u003e function, when handling malformed or improperly formatted input files.\n (CVE-2024-11706)\n\n - Missing thread synchronization primitives could have led to a data race on members of the PlaybackParams structure. (CVE-2024-11708)\n\n - Memory safety bugs present in Firefox 132, Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2024-11699)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"211868","available_languages":["en_US"],"synopsis":"A mail client installed on the remote Windows host is affected by multiple vulnerabilities.","script_name":"Mozilla Thunderbird \u003c 133.0","language_code":"en_US","supported_sensors":[{"label":"Frictionless Assessment AWS","value":"fa_aws"},{"label":"Frictionless Assessment Azure","value":"fa_azure"},{"label":"Frictionless Assessment Agent","value":"fa_agent"},{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Mozilla Thunderbird version 133.0 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-26T00:00:00","cvss":{"cvssv3_score":6.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N","cvssv3_temporal_score":5.7,"rating":null,"cvssv2_vector_base":"AV:N/AC:M/Au:N/C:N/I:P/A:N","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3.2,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.3,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Windows","xrefs":{},"pluginPublicationDate":"11/26/2024","pluginModificationDate":"11/27/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1732579200000,"211868"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211854","_score":null,"_source":{"plugin_modification_date":"2024-11-26T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?58432fc6"}],"description":"ZScaler Client Connector is installed on the remote Windows host.","risk_factor":"Info","script_id":"211854","available_languages":["en_US"],"synopsis":"ZScaler Client Connector is installed on the remote Windows host.","script_name":"Zscaler Client Connector Installed (Windows)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-26T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"Windows","xrefs":{},"pluginPublicationDate":"11/26/2024","pluginModificationDate":"11/26/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1732579200000,"211854"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211853","_score":null,"_source":{"plugin_modification_date":"2024-11-27T00:00:00","references":[{"id_type":"cve","id":"CVE-2024-36302","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36302"},{"id_type":"cve","id":"CVE-2024-36303","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36303"},{"id_type":"cve","id":"CVE-2024-36304","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36304"},{"id_type":"cve","id":"CVE-2024-36305","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36305"},{"id_type":"cve","id":"CVE-2024-36306","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36306"},{"id_type":"cve","id":"CVE-2024-36307","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36307"},{"id_type":"cve","id":"CVE-2024-37289","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37289"},{"id_type":null,"id":null,"type":"unknown","url":"https://success.trendmicro.com/en-US/solution/KA-0016669"}],"description":"According to its self-reported version, the Trend Micro application running on the remote Windows host is Apex One prior to SP1 (Server Build 12980 and Agent Build 12980). It is, therefore, affected by multiple vulnerabilities, including the following:\n\n - An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. (CVE-2024-36302)\n\n - A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. (CVE-2024-36304)\n\n - A security agent link following vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information about the agent on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. (CVE-2024-36307)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"211853","available_languages":["en_US"],"synopsis":"The remote Windows host is running an application that is affected by multiple vulnerabilities.","script_name":"Trend Micro Apex One Multiple Vulnerabilities (KA-0016669)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Apex One SP1 (b12980/12980) or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-26T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":6.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.8,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Windows","xrefs":{},"pluginPublicationDate":"11/26/2024","pluginModificationDate":"11/27/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1732579200000,"211853"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211852","_score":null,"_source":{"plugin_modification_date":"2024-11-26T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"https://duckdb.org/"}],"thorough_tests":true,"description":"DuckDB is installed on the remote Windows host.","risk_factor":"Info","script_id":"211852","available_languages":["en_US"],"synopsis":"DuckDB is installed on the remote Windows host.","script_name":"DuckDB Installed (Windows)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-26T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"Windows","xrefs":{},"pluginPublicationDate":"11/26/2024","pluginModificationDate":"11/26/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":["pluginDetailsConfigurationThoroughTests"],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1732579200000,"211852"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211821","_score":null,"_source":{"plugin_modification_date":"2024-11-26T00:00:00","references":[{"id_type":"cve","id":"CVE-2024-36359","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36359"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?e04fc2ed"}],"description":"A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nNote that Nessus has not tested for this issue but has instead relied solely on the application's self-reported version number.","risk_factor":"Medium","script_id":"211821","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The remote host is running an application that is affected by a cross-site scripting vulnerability","script_name":"Trend Micro InterScan Web Security Virtual Appliance (IWSVA) XSS (KA-0016722)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to the IWSVA version 6.5 SP3 Patch 2 (b3367) or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-25T00:00:00","cvss":{"cvssv3_score":5.4,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N","cvssv3_temporal_score":4.7,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:S/C:P/I:P/A:N","cvssv3_vector_base":"AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","cvssv4_vector":null,"cvssv2_temporal_score":4.1,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":5.5,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.0","script_family":"Windows","xrefs":{},"pluginPublicationDate":"11/25/2024","pluginModificationDate":"11/26/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1732492800000,"211821"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211730","_score":null,"_source":{"plugin_modification_date":"2024-11-25T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0759","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-21697","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21697"},{"id_type":null,"id":null,"type":"unknown","url":"https://jira.atlassian.com/browse/SRCTREE-8168"}],"description":"The version of Atlassian SourceTree installed on the remote Windows host is version 3.4.19. It is, therefore, affected by a remote code execution vulnerability. An attacker, with the interaction of an authorized user, can execute arbitrary code on the affected host.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"211730","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The version of Atlassian SourceTree installed on the remote Windows host is affected by a remote code execution vulnerability.","script_name":"Atlassian SourceTree 3.4.19 RCE","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Atlassian SourceTree 3.4.20 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-22T00:00:00","cvss":{"cvssv3_score":8.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":7.7,"rating":null,"cvssv2_vector_base":"AV:N/AC:M/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":6.9,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":9.3,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"7.4","script_family":"Windows","xrefs":{"IAVA":["2024-A-0759"]},"pluginPublicationDate":"11/22/2024","pluginModificationDate":"11/25/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"High","severity":"High"},"sort":[1732233600000,"211730"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211728","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?dcec27e9"}],"description":"Rockwell Automation FactoryTalk Updater is installed on the remote Windows host.","risk_factor":"Info","script_id":"211728","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"Rockwell Automation FactoryTalk Updater is installed on the remote Windows host.","script_name":"Rockwell Automation FactoryTalk Updater Installed (Windows)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-22T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"Windows","xrefs":{},"pluginPublicationDate":"11/22/2024","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1732233600000,"211728"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211727","_score":null,"_source":{"plugin_modification_date":"2024-11-25T00:00:00","references":[{"id_type":"IAVB","id":"2024-B-0177","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-10945","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10945"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?dd591eb7"}],"description":"The version of Rockwell Automation FactoryTalk Updater Agent installed on the remote Windows host is prior to 4.20.0. It is, therefore, affected by a privilege escalation vulnerability. For more information, consult the vendor advisory.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"211727","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"An updater application installed on the remote Windows host is affected by a privilege escalation vulnerability.","script_name":"Rockwell Automation FactoryTalk Updater Agent \u003c 4.20.00 Privilege Escalation","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to FactoryTalk Updater Agent 4.20.00 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-22T00:00:00","cvss":{"cvssv3_score":7.3,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:M/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":6.4,"rating":null,"cvssv2_vector_base":"AV:L/AC:M/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":4.9,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.6,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"7.4","script_family":"Windows","xrefs":{"IAVB":["2024-B-0177"]},"pluginPublicationDate":"11/22/2024","pluginModificationDate":"11/25/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"High","severity":"Medium"},"sort":[1732233600000,"211727"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211726","_score":null,"_source":{"plugin_modification_date":"2024-11-25T00:00:00","references":[{"id_type":"IAVB","id":"2024-B-0177","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-10944","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10944"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?dd591eb7"}],"description":"The version of Rockwell Automation FactoryTalk Updater Client installed on the remote Windows host is prior to 4.20.0. It is, therefore, affected by a remote code execution vulnerability. For more information, consult the vendor advisory.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"211726","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"An updater application installed on the remote Windows host is affected by a remote code execution vulnerability.","script_name":"Rockwell Automation FactoryTalk Updater Client 4.20.00 RCE","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to FactoryTalk Updater Client 4.20.00 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-22T00:00:00","cvss":{"cvssv3_score":8.4,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":7.3,"rating":null,"cvssv2_vector_base":"AV:N/AC:M/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":6.3,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":8.5,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"8.1","script_family":"Windows","xrefs":{"IAVB":["2024-B-0177"]},"pluginPublicationDate":"11/22/2024","pluginModificationDate":"11/25/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"High","severity":"High"},"sort":[1732233600000,"211726"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211725","_score":null,"_source":{"plugin_modification_date":"2024-11-26T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0765","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-11477","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11477"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.zerodayinitiative.com/advisories/ZDI-24-1532/"}],"description":"The version of 7-Zip installed on the remote host is prior to 24.07. It is, therefore, affected by a remote code execution vulnerability as referenced in the ZDI-24-1532 advisory.\n\n - This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip.\n Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the implementation of Zstandard decompression. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. (CVE-2024-11477)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"211725","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The remote host is missing a security update.","script_name":"7-Zip \u003c 24.07 RCE (ZDI-24-1532)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to 7-Zip version 24.07 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-22T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":6.8,"rating":null,"cvssv3_vector_base":"AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"8.4","script_family":"Windows","xrefs":{"IAVA":["2024-A-0765"]},"pluginPublicationDate":"11/22/2024","pluginModificationDate":"11/26/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"High","severity":"High"},"sort":[1732233600000,"211725"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211720","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0753","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-11395","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11395"},{"id_type":"cve","id":"CVE-2024-49054","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49054"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?c158b3b5"},{"id_type":null,"id":null,"type":"unknown","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-11395"},{"id_type":null,"id":null,"type":"unknown","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49054"}],"description":"The version of Microsoft Edge installed on the remote Windows host is prior to 131.0.2903.63. It is, therefore, affected by multiple vulnerabilities as referenced in the November 21, 2024 advisory.\n\n - Type Confusion in V8 in Google Chrome prior to 131.0.6778.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2024-11395)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"211720","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The remote host has an web browser installed that is affected by multiple vulnerabilities.","script_name":"Microsoft Edge (Chromium) \u003c 131.0.2903.63 Multiple Vulnerabilities","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Microsoft Edge version 131.0.2903.63 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-22T00:00:00","cvss":{"cvssv3_score":8.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P","cvssv3_temporal_score":7.7,"rating":null,"cvssv2_vector_base":"AV:N/AC:M/Au:N/C:P/I:P/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.8,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"7.4","script_family":"Windows","xrefs":{"IAVA":["2024-A-0753"]},"pluginPublicationDate":"11/22/2024","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"High","severity":"Medium"},"sort":[1732233600000,"211720"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211713","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"CWE","id":"125","type":"classifiers","url":null},{"id_type":"cve","id":"CVE-2024-49529","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49529"},{"id_type":null,"id":null,"type":"unknown","url":"https://helpx.adobe.com/security/products/indesign/apsb24-91.html"}],"description":"The version of Adobe InDesign installed on the remote Windows host is prior to 19.5.1, 20.0.1. It is, therefore, affected by a vulnerability as referenced in the APSB24-91 advisory.\n\n - Out-of-bounds Read (CWE-125) potentially leading to Memory leak (CVE-2024-49529)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"211713","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The Adobe InDesign instance installed on the remote host is affected by a memory leak vulnerability.","script_name":"Adobe InDesign \u003c 19.5.1 / 20.0.0 \u003c 20.0.1 Memory leak (APSB24-91)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Adobe InDesign version 19.5.1, 20.0.1 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-22T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N","cvssv3_temporal_score":4.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:N/C:C/I:N/A:N","cvssv3_vector_base":"AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvssv4_vector":null,"cvssv2_temporal_score":3.6,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.9,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"Windows","xrefs":{"CWE":["125"]},"pluginPublicationDate":"11/22/2024","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1732233600000,"211713"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211690","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0747","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-28881","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28881"},{"id_type":"cve","id":"CVE-2024-28952","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28952"},{"id_type":"cve","id":"CVE-2024-36245","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36245"},{"id_type":"cve","id":"CVE-2024-37027","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37027"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?a7821d65"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?c1a60a8b"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?e84c84ff"}],"description":"Multiple vulnerabilities exist in Intel oneAPI Base Toolkit versions prior to 2024.2.0. See vendor advisory for more details. \n\n - Uncontrolled search path for some Intel® Fortran Compiler Classic software before version 2021.13 may allow an authenticated user to potentially enable escalation of privilege via local access. (CVE-2024-28881)\n\n - Uncontrolled search path for some Intel® IPP software for Windows before version 2021.12.0 may allow an authenticated user to potentially enable escalation of privilege via local access. (CVE-2024-28952)\n\n - Uncontrolled search path element in some Intel® VTune™ Profiler software before version 2024.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. (CVE-2024-36245)\n\n - Improper Input validation in some Intel® VTune™ Profiler software before version 2024.2.0 may allow an authenticated user to potentially enable denial of service via local access. (CVE-2024-37027)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"211690","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The remote Windows host contains a library that is affected by multiple vulnerabilities.","script_name":"Intel oneAPI Base Toolkit \u003c 2024.2.0 Multiple Vulnerabilities","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Intel oneAPI Base Toolkit 2024.2.0 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-21T00:00:00","cvss":{"cvssv3_score":6.7,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:H/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":5.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:H/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":4.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"8.4","script_family":"Windows","xrefs":{"IAVA":["2024-A-0747"]},"pluginPublicationDate":"11/21/2024","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"High","severity":"Medium"},"sort":[1732147200000,"211690"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211673","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"IAVB","id":"2024-B-0176","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-10012","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10012"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?ad4887a3"}],"thorough_tests":true,"description":"The version of Progress Telerik UI for WPF installed on the remote Windows host is prior to 2024 Q4 (2024.4.1111). It is, therefore, affected by the following:\n\n - In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1111), a code execution attack is possible through an insecure deserialization vulnerability. \n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"211673","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"A web application development suite installed on the remote Windows host is affected by an unsafe deserialization vulnerability.","script_name":"Telerik UI for WPF \u003c 2024.4.1111 Unsafe Deserialization","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Telerik UI for WPF version 2024.4.1111 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-21T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":6.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:M/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.1,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.9,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Windows","xrefs":{"IAVB":["2024-B-0176"]},"pluginPublicationDate":"11/21/2024","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":["pluginDetailsConfigurationThoroughTests"],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1732147200000,"211673"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211672","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"IAVB","id":"2024-B-0176","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-10013","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10013"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?599fca94"}],"thorough_tests":true,"description":"The version of Progress Telerik UI for WinForms installed on the remote host is prior to 2024.4.1113. It is, therefore, affected by the following vulnerability:\n\n - In Progress Telerik UI for WinForms versions prior to 2024 Q4 (2024.4.1113), a code execution attack is possible through an insecure deserialization vulnerability.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"211672","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The remote host is missing a security update.","script_name":"Progress Telerik UI for WinForms \u003c 2024.4.1113 Unsafe Deserialization","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Progress Telerik UI for WinForms version 2024.4.1113 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-21T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":6.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:M/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.1,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.9,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Windows","xrefs":{"IAVB":["2024-B-0176"]},"pluginPublicationDate":"11/21/2024","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":["pluginDetailsConfigurationThoroughTests"],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1732147200000,"211672"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211657","_score":null,"_source":{"plugin_modification_date":"2024-11-21T00:00:00","references":[{"id_type":"cve","id":"CVE-2024-11595","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11595"},{"id_type":"cve","id":"CVE-2024-11596","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11596"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.wireshark.org/docs/relnotes/wireshark-4.2.9.html"},{"id_type":null,"id":null,"type":"unknown","url":"https://gitlab.com/wireshark/wireshark/-/issues/20176"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.wireshark.org/security/wnpa-sec-2024-14"},{"id_type":null,"id":null,"type":"unknown","url":"https://gitlab.com/wireshark/wireshark/-/issues/20214"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.wireshark.org/security/wnpa-sec-2024-15"}],"description":"The version of Wireshark installed on the remote Windows host is prior to 4.2.9. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.2.9 advisory.\n\n - The FiveCo RAP dissector could go into an infinite loop. Fixed in master: d8ca9fc339 Fixed in release-4.4:\n 4d58fef602 Fixed in release-4.2: 686dff0f01 Discovered in our internal testing environment. We are unaware of any exploits for this issue. It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2024-11595)\n\n - The ECMP dissector could crash. Fixed in master: c8e5887073 Fixed in release-4.4: 8fd60c6448 Fixed in release-4.2: 06e0b0bb09 Discovered by Ivan Nardi We are unaware of any exploits for this issue. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2024-11596)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"211657","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"An application installed on the remote Windows host is affected by multiple vulnerabilities.","script_name":"Wireshark 4.2.x \u003c 4.2.9 Multiple Vulnerabilities","language_code":"en_US","supported_sensors":[{"label":"Frictionless Assessment Agent","value":"fa_agent"},{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Wireshark version 4.2.9 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-20T00:00:00","cvss":{"cvssv3_score":7.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P","cvssv3_temporal_score":6.5,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3.7,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":5,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"Windows","xrefs":{},"pluginPublicationDate":"11/20/2024","pluginModificationDate":"11/21/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1732060800000,"211657"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211652","_score":null,"_source":{"plugin_modification_date":"2024-11-20T00:00:00","references":[{"id_type":"CWE","id":"125","type":"classifiers","url":null},{"id_type":"cve","id":"CVE-2024-45145","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45145"},{"id_type":null,"id":null,"type":"unknown","url":"https://helpx.adobe.com/security/products/lightroom/apsb24-78.html"}],"description":"The version of Adobe Lightroom Classic installed on the remote Windows host is prior to 13.5.1. It is, therefore, affected by a vulnerability as referenced in the APSB24-78 advisory.\n\n - Lightroom Desktop versions 7.4.1, 13.5, 12.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2024-45145)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"211652","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The Adobe Lightroom Classic instance installed on the remote host is affected by a memory leak vulnerability.","script_name":"Adobe Lightroom Classic \u003c 13.5.1 Memory leak (APSB24-78)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Adobe Lightroom Classic version 13.5.1 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-20T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N","cvssv3_temporal_score":4.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:N/C:C/I:N/A:N","cvssv3_vector_base":"AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvssv4_vector":null,"cvssv2_temporal_score":3.6,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.9,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"Windows","xrefs":{"CWE":["125"]},"pluginPublicationDate":"11/20/2024","pluginModificationDate":"11/20/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1732060800000,"211652"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211635","_score":null,"_source":{"plugin_modification_date":"2024-11-25T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0758","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-49574","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49574"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?348f12d4"}],"description":"The version of ManageEngine ADAudit Plus installed on the remote host is prior to build 8123. It is, therefore, affected by a SQL injection vulnerability in the reports module..\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"211635","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The remote host is missing one or more security updates.","script_name":"ManageEngine ADAudit Plus \u003c Build 8123 SQLi (CVE-2024-49574)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to ManageEngine ADAudit Plus build 8123 or later.","plugin_type":"combined","sensor":"nessus","plugin_publication_date":"2024-11-20T00:00:00","cvss":{"cvssv3_score":8.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":7.7,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":6.7,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":9,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"7.4","script_family":"Windows","xrefs":{"IAVA":["2024-A-0758"]},"pluginPublicationDate":"11/20/2024","pluginModificationDate":"11/25/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"High","severity":"High"},"sort":[1732060800000,"211635"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211632","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"https://www.jetbrains.com/webstorm/"}],"thorough_tests":true,"description":"JetBrains WebStorm is installed on the remote Windows host.\n\nNote that enabling the 'Perform thorough tests' setting is required to search the file system for the product.","risk_factor":"Info","script_id":"211632","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"JetBrains WebStorm is installed on the remote Windows host.","script_name":"JetBrains WebStorm Installed (Windows)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-20T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"Windows","xrefs":{},"pluginPublicationDate":"11/20/2024","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":["pluginDetailsConfigurationThoroughTests"],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1732060800000,"211632"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211591","_score":null,"_source":{"plugin_modification_date":"2024-11-20T00:00:00","references":[{"id_type":"cve","id":"CVE-2024-36358","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36358"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?f3ecffd4"}],"description":"A link following vulnerability in Trend Micro Deep Security 20.x agents below build 20.0.1-3180 could allow a local attacker to escalate privileges on affected installations.\n\nNote that Nessus has not tested for this issue but has instead relied solely on the application's self-reported version number.","risk_factor":"Medium","script_id":"211591","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The remote host is running an application that is affected by a local privilege escalation vulnerability","script_name":"Trend Micro Deep Security Agent Local Privilege Escalation (KA-0016724)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to the Deep Security Agent version 20.0.1-3180 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-19T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":6.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.8,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"Windows","xrefs":{},"pluginPublicationDate":"11/19/2024","pluginModificationDate":"11/20/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1731974400000,"211591"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211583","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0760","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-11395","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11395"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?6ad3b932"},{"id_type":null,"id":null,"type":"unknown","url":"https://crbug.com/377384894"}],"thorough_tests":true,"description":"The version of Google Chrome installed on the remote Windows host is prior to 131.0.6778.85. It is, therefore, affected by a vulnerability as referenced in the 2024_11_stable-channel-update-for-desktop_19 advisory.\n\n - Type Confusion in V8. (CVE-2024-11395)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"211583","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"A web browser installed on the remote Windows host is affected by a vulnerability.","script_name":"Google Chrome \u003c 131.0.6778.85 Vulnerability","language_code":"en_US","supported_sensors":[{"label":"Frictionless Assessment AWS","value":"fa_aws"},{"label":"Frictionless Assessment Azure","value":"fa_azure"},{"label":"Frictionless Assessment Agent","value":"fa_agent"},{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Google Chrome version 131.0.6778.85 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-19T00:00:00","cvss":{"cvssv3_score":8.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_temporal_score":7.7,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.5,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"7.4","script_family":"Windows","xrefs":{"IAVA":["2024-A-0760"]},"pluginPublicationDate":"11/19/2024","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":["pluginDetailsConfigurationThoroughTests"],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"High","severity":"High"},"sort":[1731974400000,"211583"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211470","_score":null,"_source":{"plugin_modification_date":"2024-11-18T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0748","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-11168","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11168"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?66c7faf9"}],"description":"The version of Python installed on the remote Windows host is improper validation vulnerability. The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`), allowing hosts that weren't IPv6 or IPvFuture. This behavior was not conformant to RFC 3986 and potentially enabled SSRF if a URL is processed by more than one URL parser.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Low","script_id":"211470","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The remote host has an application installed that is affected by a vulnerability.","script_name":"Python Improper Validation SSRF (CVE-2024-11168)","language_code":"en_US","supported_sensors":[{"label":"Frictionless Assessment Agent","value":"fa_agent"},{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Python 3.11.4, 3.12.0b1 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-15T00:00:00","cvss":{"cvssv3_score":3.7,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N","cvssv3_temporal_score":3.2,"rating":null,"cvssv2_vector_base":"AV:N/AC:H/Au:N/C:N/I:P/A:N","cvssv3_vector_base":"AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","cvssv4_vector":null,"cvssv2_temporal_score":1.9,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":2.6,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Low","cvssv3_risk_factor":"Low","cvssv4_risk_factor":null},"vpr_score":"6.0","script_family":"Windows","xrefs":{"IAVA":["2024-A-0748"]},"pluginPublicationDate":"11/15/2024","pluginModificationDate":"11/18/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Low","cvssV3Severity":"Low","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Low"},"sort":[1731628800000,"211470"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211458","_score":null,"_source":{"plugin_modification_date":"2024-11-19T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0741","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-32839","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32839"},{"id_type":"cve","id":"CVE-2024-32841","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32841"},{"id_type":"cve","id":"CVE-2024-32844","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32844"},{"id_type":"cve","id":"CVE-2024-32847","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32847"},{"id_type":"cve","id":"CVE-2024-34780","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34780"},{"id_type":"cve","id":"CVE-2024-34781","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34781"},{"id_type":"cve","id":"CVE-2024-34782","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34782"},{"id_type":"cve","id":"CVE-2024-34784","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34784"},{"id_type":"cve","id":"CVE-2024-34787","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34787"},{"id_type":"cve","id":"CVE-2024-37376","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37376"},{"id_type":"cve","id":"CVE-2024-50322","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50322"},{"id_type":"cve","id":"CVE-2024-50323","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50323"},{"id_type":"cve","id":"CVE-2024-50324","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50324"},{"id_type":"cve","id":"CVE-2024-50326","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50326"},{"id_type":"cve","id":"CVE-2024-50327","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50327"},{"id_type":"cve","id":"CVE-2024-50328","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50328"},{"id_type":"cve","id":"CVE-2024-50329","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50329"},{"id_type":"cve","id":"CVE-2024-50330","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50330"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?fe606be2"}],"description":"The version of Ivanti Endpoint Manager 2024 running on the remote host lacking the November 2024 Hotfix. It is, therefore, affected by mutliple vulnerabilities: \n\n - Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local unauthenticated attacker to achieve code execution. User interaction is required. (CVE-2024-34787)\n\n - Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required. (CVE-2024-50329) \n - SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote unauthenticated attacker to achieve remote code execution. (CVE-2024-50330)\n\nNote that Nessus has not tested for these issues but has instead relied only on the service's self-reported version number of the affected dll files.","risk_factor":"Critical","script_id":"211458","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The instance of Ivanti Endpoint Manager 2024 running on the remote host is affected by multiple vulnerabilities","script_name":"Ivanti Endpoint Manager 2024 - November 2024 Security Update","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"See vendor advisory","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-15T00:00:00","cvss":{"cvssv3_score":8.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":7.7,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"7.4","script_family":"Windows","xrefs":{"IAVA":["2024-A-0741"]},"pluginPublicationDate":"11/15/2024","pluginModificationDate":"11/19/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"High","severity":"Critical"},"sort":[1731628800000,"211458"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211457","_score":null,"_source":{"plugin_modification_date":"2024-11-19T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0741","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-32839","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32839"},{"id_type":"cve","id":"CVE-2024-32841","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32841"},{"id_type":"cve","id":"CVE-2024-32844","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32844"},{"id_type":"cve","id":"CVE-2024-32847","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32847"},{"id_type":"cve","id":"CVE-2024-34780","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34780"},{"id_type":"cve","id":"CVE-2024-34781","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34781"},{"id_type":"cve","id":"CVE-2024-34782","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34782"},{"id_type":"cve","id":"CVE-2024-34784","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34784"},{"id_type":"cve","id":"CVE-2024-34787","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34787"},{"id_type":"cve","id":"CVE-2024-37376","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37376"},{"id_type":"cve","id":"CVE-2024-50322","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50322"},{"id_type":"cve","id":"CVE-2024-50323","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50323"},{"id_type":"cve","id":"CVE-2024-50324","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50324"},{"id_type":"cve","id":"CVE-2024-50326","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50326"},{"id_type":"cve","id":"CVE-2024-50327","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50327"},{"id_type":"cve","id":"CVE-2024-50328","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50328"},{"id_type":"cve","id":"CVE-2024-50329","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50329"},{"id_type":"cve","id":"CVE-2024-50330","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50330"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?fe606be2"}],"description":"The version of Ivanti Endpoint Manager 2024 running on the remote host lacking the November 2024 Hotfix. It is, therefore, affected by mutliple vulnerabilities: \n\n - Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local unauthenticated attacker to achieve code execution. User interaction is required. (CVE-2024-34787)\n\n - Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required. (CVE-2024-50329) \n - SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote unauthenticated attacker to achieve remote code execution. (CVE-2024-50330)\n\nNote that Nessus has not tested for these issues but has instead relied only on the service's self-reported version number of the affected dll files.","risk_factor":"Critical","script_id":"211457","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The instance of Ivanti Endpoint Manager 2024 running on the remote host is affected by multiple vulnerabilities","script_name":"Ivanti Endpoint Manager 2024 - November 2024 Security Update","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"See vendor advisory","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-15T00:00:00","cvss":{"cvssv3_score":8.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":7.7,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"7.4","script_family":"Windows","xrefs":{"IAVA":["2024-A-0741"]},"pluginPublicationDate":"11/15/2024","pluginModificationDate":"11/19/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"High","severity":"Critical"},"sort":[1731628800000,"211457"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211449","_score":null,"_source":{"plugin_modification_date":"2024-11-18T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0716","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-8934","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8934"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?394f7c43"}],"description":"The version of Beckhoff TwinCAT Package Manager installed on the remote Windows host is prior to 1.0.603.0. It is, therefore, affected by a command injection vulnerability. For more information, consult the vendor advisory.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"211449","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"A package management application installed on the remote Windows host is affected by a command injection vulnerability.","script_name":"Beckhoff TwinCAT Package Manager Security Advisory 2024-005","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Beckhoff TwinCAT Package Manager 1.0.603.0 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-15T00:00:00","cvss":{"cvssv3_score":6.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:M/C:C/I:C/A:C","cvssv3_temporal_score":5.7,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:M/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":4.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.5,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Windows","xrefs":{"IAVA":["2024-A-0716"]},"pluginPublicationDate":"11/15/2024","pluginModificationDate":"11/18/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1731628800000,"211449"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211448","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?573216b9"}],"thorough_tests":true,"description":"Beckhoff TwinCAT Package Manager is installed on the remote Windows host.","risk_factor":"Info","script_id":"211448","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"Beckhoff TwinCAT Package Manager is installed on the remote Windows host.","script_name":"Beckhoff TwinCAT Package Manager Installed (Windows)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-15T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"Windows","xrefs":{},"pluginPublicationDate":"11/15/2024","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":["pluginDetailsConfigurationThoroughTests"],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1731628800000,"211448"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211447","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"https://solidedge.siemens.com/en/"}],"description":"Siemens Solid Edge is installed on the remote Windows host.","risk_factor":"Info","script_id":"211447","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"Siemens Solid Edge is installed on the remote Windows host.","script_name":"Siemens Solid Edge Installed (Windows)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-15T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"Windows","xrefs":{},"pluginPublicationDate":"11/15/2024","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1731628800000,"211447"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211446","_score":null,"_source":{"plugin_modification_date":"2024-11-18T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0721","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-47940","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47940"},{"id_type":"cve","id":"CVE-2024-47941","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47941"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/html/ssa-351178.html"}],"description":"The version of Siemens Solid Edge installed on the remote Windows host is prior to 224.00.09.04. It is, therefore, affected by multiple vulnerabilities. For more information, consult the vendor advisory.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"211446","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"A CAD application installed on the remote Windows host is affected by multiple vulnerabilities.","script_name":"Siemens Solid Edge SSA-351178 Multiple Vulnerabilities","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Siemens Solid Edge 2024 Update 9 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-15T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":6.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.3,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.2,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Windows","xrefs":{"IAVA":["2024-A-0721"]},"pluginPublicationDate":"11/15/2024","pluginModificationDate":"11/18/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1731628800000,"211446"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211402","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0753","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-11110","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11110"},{"id_type":"cve","id":"CVE-2024-11111","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11111"},{"id_type":"cve","id":"CVE-2024-11112","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11112"},{"id_type":"cve","id":"CVE-2024-11113","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11113"},{"id_type":"cve","id":"CVE-2024-11114","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11114"},{"id_type":"cve","id":"CVE-2024-11115","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11115"},{"id_type":"cve","id":"CVE-2024-11116","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11116"},{"id_type":"cve","id":"CVE-2024-11117","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11117"},{"id_type":"cve","id":"CVE-2024-49025","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49025"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?a9b9d7d8"},{"id_type":null,"id":null,"type":"unknown","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-11110"},{"id_type":null,"id":null,"type":"unknown","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-11111"},{"id_type":null,"id":null,"type":"unknown","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-11112"},{"id_type":null,"id":null,"type":"unknown","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-11113"},{"id_type":null,"id":null,"type":"unknown","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-11114"},{"id_type":null,"id":null,"type":"unknown","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-11115"},{"id_type":null,"id":null,"type":"unknown","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-11116"},{"id_type":null,"id":null,"type":"unknown","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-11117"},{"id_type":null,"id":null,"type":"unknown","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49025"}],"description":"The version of Microsoft Edge installed on the remote Windows host is prior to 131.0.2903.48. It is, therefore, affected by multiple vulnerabilities as referenced in the November 14, 2024 advisory.\n\n - Inappropriate implementation in Extensions in Google Chrome prior to 131.0.6778.69 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. (Chromium security severity: High) (CVE-2024-11110)\n\n - Inappropriate implementation in Autofill in Google Chrome prior to 131.0.6778.69 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page.\n (Chromium security severity: Medium) (CVE-2024-11111)\n\n - Use after free in Media in Google Chrome on Windows prior to 131.0.6778.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) (CVE-2024-11112)\n\n - Use after free in Accessibility in Google Chrome prior to 131.0.6778.69 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) (CVE-2024-11113)\n\n - Inappropriate implementation in Views in Google Chrome on Windows prior to 131.0.6778.69 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) (CVE-2024-11114)\n\n - Insufficient policy enforcement in Navigation in Google Chrome on iOS prior to 131.0.6778.69 allowed a remote attacker to perform privilege escalation via a series of UI gestures. (Chromium security severity:\n Medium) (CVE-2024-11115)\n\n - Inappropriate implementation in Blink in Google Chrome prior to 131.0.6778.69 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page.\n (Chromium security severity: Medium) (CVE-2024-11116)\n\n - Inappropriate implementation in FileSystem in Google Chrome prior to 131.0.6778.69 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity: Low) (CVE-2024-11117)\n\n - Microsoft Edge (Chromium-based) Information Disclosure Vulnerability (CVE-2024-49025)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"211402","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The remote host has an web browser installed that is affected by multiple vulnerabilities.","script_name":"Microsoft Edge (Chromium) \u003c 131.0.2903.48 Multiple Vulnerabilities","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Microsoft Edge version 131.0.2903.48 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-15T00:00:00","cvss":{"cvssv3_score":5.4,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N","cvssv3_temporal_score":4.7,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:P/A:N","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","cvssv4_vector":null,"cvssv2_temporal_score":4.7,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.4,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"8.1","script_family":"Windows","xrefs":{"IAVA":["2024-A-0753"]},"pluginPublicationDate":"11/15/2024","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"High","severity":"Medium"},"sort":[1731628800000,"211402"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211399","_score":null,"_source":{"plugin_modification_date":"2024-11-18T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0715","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-10203","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10203"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?0a9c7483"}],"description":"The version of ManageEngine Endpoint Central installed on the remote Windows host is either prior to 11.3.2416.22, 11.3.2428.10 or 11.3.2435.1. It is,therefore, affected by a Arbitrary File Deletion vulnerability. For more information, consult the vendor advisory.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"211399","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The remote ManageEngine Endpoint Central host is missing a security update.","script_name":"ManageEngine Endpoint Central \u003c 11.3.2416.22 , 11.3.2428.x \u003c 11.3.2428.10, 11.3.2435.x \u003c 11.3.2435.1 \n Arbitrary File Deletion vulnerability","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to ManageEngine Endpoint Central versions 11.3.2416.22, 11.3.2428.10, 11.3.2435.1 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-15T00:00:00","cvss":{"cvssv3_score":7,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:H/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":6.1,"rating":null,"cvssv2_vector_base":"AV:L/AC:H/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":4.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"7.4","script_family":"Windows","xrefs":{"IAVA":["2024-A-0715"]},"pluginPublicationDate":"11/15/2024","pluginModificationDate":"11/18/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"High","severity":"Medium"},"sort":[1731628800000,"211399"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211398","_score":null,"_source":{"plugin_modification_date":"2024-11-18T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0734","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-49050","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49050"},{"id_type":null,"id":null,"type":"unknown","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49050"}],"thorough_tests":true,"description":"The Microsoft Visual Studio Code Python Extension is prior to version 2024.18.2. It is, therefore, affected by an undisclosed remote code execution vulnerability.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Critical","script_id":"211398","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The remote host has an application installed that is missing a security update.","script_name":"Security Update for Microsoft Visual Studio Code Python Extension (November 2024)","language_code":"en_US","supported_sensors":[{"label":"Frictionless Assessment Agent","value":"fa_agent"},{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Update the Microsoft Visual Studio Code Python Extension to version 2024.18.2 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-15T00:00:00","cvss":{"cvssv3_score":8.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":7.7,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Windows","xrefs":{"IAVA":["2024-A-0734"]},"pluginPublicationDate":"11/15/2024","pluginModificationDate":"11/18/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":["pluginDetailsConfigurationThoroughTests"],"cvssV2Severity":"Critical","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Critical"},"sort":[1731628800000,"211398"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"211397","_score":null,"_source":{"plugin_modification_date":"2024-11-18T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0734","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-49049","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49049"},{"id_type":null,"id":null,"type":"unknown","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49049"}],"thorough_tests":true,"description":"The Microsoft Visual Studio Code Remote SSH Extension is prior to version 0.115.1. It is, therefore, affected by an undisclosed elevation of privilege vulnerability.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"211397","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The remote host has an application installed that is missing a security update.","script_name":"Security Update for Microsoft Visual Studio Code Remote SSH Extension (November 2024)","language_code":"en_US","supported_sensors":[{"label":"Frictionless Assessment Agent","value":"fa_agent"},{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Update the Microsoft Visual Studio Code Remote SSH Extension to version 0.115.1 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-15T00:00:00","cvss":{"cvssv3_score":7.1,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:N","cvssv3_temporal_score":6.2,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:C/I:C/A:N","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","cvssv4_vector":null,"cvssv2_temporal_score":4.6,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.2,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"6.0","script_family":"Windows","xrefs":{"IAVA":["2024-A-0734"]},"pluginPublicationDate":"11/15/2024","pluginModificationDate":"11/18/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":["pluginDetailsConfigurationThoroughTests"],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1731628800000,"211397"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"210958","_score":null,"_source":{"plugin_modification_date":"2024-11-15T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0725","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-8068","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8068"},{"id_type":"cve","id":"CVE-2024-8069","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8069"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.citrix.com/article/CTX691941"}],"description":"The version of Citrix Virtual Apps and Desktops installed on the remote Windows host is prior to 2407 hotfix 24.5.200.8, 1912 LTSR prior to CU9 hotfix 19.12.9100.6, 2203 LTSR prior to CU5 hotfix 22.03.5100.11, or 2402 LTSR prior to CU1 hotfix 24.02.1200.16. It is, therefore, affected by multiple vulnerabilities as per Citrix Security Bulletin CTX691941:\n\n - Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain as the session recording server domain.\n (CVE-2024-8068)\n\n - Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server. (CVE-2024-8069)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Critical","script_id":"210958","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"An application installed on the remote Windows host is affected by multiple vulnerabilities.","script_name":"Citrix Virtual Apps and Desktops Session Recording Multiple Vulnerabilities (CTX691941)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to 2407 hotfix 24.5.200.8, 1912 LTSR CU9 hotfix 19.12.9100.6, 2203 LTSR CU5 hotfix 22.03.5100.11, or 2402 LTSR CU1 hotfix 24.02.1200.16 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-14T00:00:00","cvss":{"cvssv3_score":8.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":7.9,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"8.4","script_family":"Windows","xrefs":{"IAVA":["2024-A-0725"]},"pluginPublicationDate":"11/14/2024","pluginModificationDate":"11/15/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"High","severity":"Critical"},"sort":[1731542400000,"210958"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"210946","_score":null,"_source":{"plugin_modification_date":"2024-11-15T00:00:00","references":[{"id_type":"IAVB","id":"2024-B-0170","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-46951","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46951"},{"id_type":"cve","id":"CVE-2024-46952","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46952"},{"id_type":"cve","id":"CVE-2024-46953","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46953"},{"id_type":"cve","id":"CVE-2024-46954","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46954"},{"id_type":"cve","id":"CVE-2024-46955","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46955"},{"id_type":"cve","id":"CVE-2024-46956","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46956"},{"id_type":null,"id":null,"type":"unknown","url":"https://ghostscript.readthedocs.io/en/gs10.04.0/News.html"}],"description":"Multiple vulnerabilities exist in Artifex Ghostscript versions prior to 10.04.0. See vendor advisory for more details. \n\n - An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values). (CVE-2024-46952)\n\n - An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal. (CVE-2024-46954)\n\n - An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution. (CVE-2024-46956) \n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"210946","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The remote Windows host contains a library that is affected by multiple vulnerabilities.","script_name":"Artifex Ghostscript \u003c 10.04.0 Multiple Vulnerabilities","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Artifex Ghostscript 10.04.0 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-14T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":6.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.3,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.2,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"7.4","script_family":"Windows","xrefs":{"IAVB":["2024-B-0170"]},"pluginPublicationDate":"11/14/2024","pluginModificationDate":"11/15/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"High","severity":"High"},"sort":[1731542400000,"210946"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"210899","_score":null,"_source":{"plugin_modification_date":"2024-11-20T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0749","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-11159","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11159"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-62/"}],"description":"The version of Thunderbird installed on the remote Windows host is prior to 132.0.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2024-62 advisory.\n\n - Using remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext.\n (CVE-2024-11159)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"210899","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"A mail client installed on the remote Windows host is affected by a vulnerability.","script_name":"Mozilla Thunderbird \u003c 132.0.1","language_code":"en_US","supported_sensors":[{"label":"Frictionless Assessment Agent","value":"fa_agent"},{"label":"Frictionless Assessment AWS","value":"fa_aws"},{"label":"Frictionless Assessment Azure","value":"fa_azure"},{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Mozilla Thunderbird version 132.0.1 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-13T00:00:00","cvss":{"cvssv3_score":4.3,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N","cvssv3_temporal_score":3.8,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:N/A:N","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvssv4_vector":null,"cvssv2_temporal_score":3.7,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":5,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"2.2","script_family":"Windows","xrefs":{"IAVA":["2024-A-0749"]},"pluginPublicationDate":"11/13/2024","pluginModificationDate":"11/20/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1731456000000,"210899"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"210896","_score":null,"_source":{"plugin_modification_date":"2024-11-20T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0749","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-11159","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11159"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-61/"}],"description":"The version of Thunderbird installed on the remote Windows host is prior to 128.4.3. It is, therefore, affected by a vulnerability as referenced in the mfsa2024-61 advisory.\n\n - Using remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext.\n (CVE-2024-11159)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"210896","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"A mail client installed on the remote Windows host is affected by a vulnerability.","script_name":"Mozilla Thunderbird \u003c 128.4.3","language_code":"en_US","supported_sensors":[{"label":"Frictionless Assessment Agent","value":"fa_agent"},{"label":"Frictionless Assessment AWS","value":"fa_aws"},{"label":"Frictionless Assessment Azure","value":"fa_azure"},{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Mozilla Thunderbird version 128.4.3 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-13T00:00:00","cvss":{"cvssv3_score":4.3,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N","cvssv3_temporal_score":3.8,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:N/A:N","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvssv4_vector":null,"cvssv2_temporal_score":3.7,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":5,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"2.2","script_family":"Windows","xrefs":{"IAVA":["2024-A-0749"]},"pluginPublicationDate":"11/13/2024","pluginModificationDate":"11/20/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1731456000000,"210896"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"210877","_score":null,"_source":{"plugin_modification_date":"2024-11-15T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0742","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-36507","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36507"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.fortiguard.com/psirt/FG-IR-24-205"}],"description":"The version of FortiClient installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-205 advisory.\n\n - A untrusted search path in Fortinet FortiClientWindows versions 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0 allows an attacker to run arbitrary code via DLL hijacking and social engineering. (CVE-2024-36507)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"210877","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"remote Windows host is missing one or more security-related updates.","script_name":"Fortinet FortiClient Online Installer DLL Hijacking (FG-IR-24-205)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to FortiClient version 7.0.13 / 7.2.5 / 7.4.1 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-12T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":6.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.3,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.2,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Windows","xrefs":{"IAVA":["2024-A-0742"]},"pluginPublicationDate":"11/12/2024","pluginModificationDate":"11/15/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1731369600000,"210877"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"210876","_score":null,"_source":{"plugin_modification_date":"2024-11-15T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0742","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-36513","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36513"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.fortiguard.com/psirt/FG-IR-24-144"}],"description":"The version of FortiClient installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-144 advisory.\n\n - A privilege context switching error vulnerability [CWE-270] in FortiClient Windows version 7.2.4 and below, version 7.0.12 and below, 6.4 all versions may allow an authenticated user to escalate their privileges via lua auto patch scripts. (CVE-2024-36513)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"210876","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"remote Windows host is affected by a privilege escalation.","script_name":"Fortinet FortiClient Privilege escalation via lua auto patch function (FG-IR-24-144)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to FortiClient version 6.4.999999 / 7.0.13 / 7.2.5 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-12T00:00:00","cvss":{"cvssv3_score":8.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":7.7,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.8,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"7.3","script_family":"Windows","xrefs":{"IAVA":["2024-A-0742"]},"pluginPublicationDate":"11/12/2024","pluginModificationDate":"11/15/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"High","severity":"Medium"},"sort":[1731369600000,"210876"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"210873","_score":null,"_source":{"plugin_modification_date":"2024-11-15T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0742","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-47574","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47574"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.fortiguard.com/psirt/FG-IR-24-199"}],"description":"The version of FortiClient installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-199 advisory.\n\n - An authentication bypass using an alternate path or channel vulnerability (CWE-288) in FortiClient (Windows) may allow a low privilege attacker to execute arbitrary code with high privilege via spoofed named pipe messages. (CVE-2024-47574)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"210873","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"remote Windows host is missing one or more security-related updates.","script_name":"Fortinet FortiClient Named Pipes Improper Access Control (FG-IR-24-199)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to FortiClient version 6.4.999999 / 7.0.13 / 7.2.5 / 7.4.1 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-12T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":6.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.8,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Windows","xrefs":{"IAVA":["2024-A-0742"]},"pluginPublicationDate":"11/12/2024","pluginModificationDate":"11/15/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1731369600000,"210873"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"210867","_score":null,"_source":{"plugin_modification_date":"2024-11-15T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0726","type":"advisory","url":null},{"id_type":"IAVA","id":"2024-A-0734","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-43498","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43498"},{"id_type":"cve","id":"CVE-2024-43499","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43499"},{"id_type":null,"id":null,"type":"unknown","url":"https://dotnet.microsoft.com/en-us/download/dotnet/9.0"},{"id_type":null,"id":null,"type":"unknown","url":"https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-43498"},{"id_type":null,"id":null,"type":"unknown","url":"https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-43499"},{"id_type":null,"id":null,"type":"unknown","url":"https://github.com/dotnet/announcements/issues/333"},{"id_type":null,"id":null,"type":"unknown","url":"https://github.com/dotnet/announcements/issues/334"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?c209efad"}],"description":"The version of .NET Core SDK installed on the remote host is 9.x prior to 9.0.0. It is, therefore, affected by denial of service vulnerability as referenced in the October 2024 advisory:\n\n - .NET Remote Code Execution (CVE-2024-43498)\n\n - .NET Denial of Service Vulnerability (CVE-2024-43499)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"Critical","script_id":"210867","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The remote Windows host is affected by a Microsoft .NET Core SDK vulnerability.","script_name":"Security Update for Microsoft .NET Core SDK (November 2024)","language_code":"en_US","supported_sensors":[{"label":"Frictionless Assessment Agent","value":"fa_agent"},{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Update .NET Core, remove vulnerable packages and refer to the vendor advisory.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-12T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":8.5,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Windows","xrefs":{"IAVA":["2024-A-0726","2024-A-0734"]},"pluginPublicationDate":"11/12/2024","pluginModificationDate":"11/15/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Critical"},"sort":[1731369600000,"210867"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"210849","_score":null,"_source":{"plugin_modification_date":"2024-11-15T00:00:00","references":[{"id_type":"CWE","id":"125","type":"classifiers","url":null},{"id_type":"CWE","id":"476","type":"classifiers","url":null},{"id_type":"IAVA","id":"2024-A-0737","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-45147","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45147"},{"id_type":"cve","id":"CVE-2024-47458","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47458"},{"id_type":null,"id":null,"type":"unknown","url":"https://helpx.adobe.com/security/products/bridge/apsb24-77.html"}],"description":"The version of Adobe Bridge installed on the remote Windows host is prior to 14.1.3. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb24-77 advisory.\n\n - Out-of-bounds Read (CWE-125) potentially leading to Memory leak (CVE-2024-45147)\n\n - NULL Pointer Dereference (CWE-476) potentially leading to Application denial-of-service (CVE-2024-47458)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"210849","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"Adobe Bridge installed on remote Windows host is affected by a multiple vulnerabilities","script_name":"Adobe Bridge \u003c 14.1.3 Multiple Vulnerabilities (APSB24-77)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Adobe Bridge version 14.1.3 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-12T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N","cvssv3_temporal_score":4.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:N/C:C/I:N/A:N","cvssv3_vector_base":"AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvssv4_vector":null,"cvssv2_temporal_score":3.6,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.9,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"4.4","script_family":"Windows","xrefs":{"CWE":["125","476"],"IAVA":["2024-A-0737"]},"pluginPublicationDate":"11/12/2024","pluginModificationDate":"11/15/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1731369600000,"210849"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"210846","_score":null,"_source":{"plugin_modification_date":"2024-11-15T00:00:00","references":[{"id_type":"CWE","id":"125","type":"classifiers","url":null},{"id_type":"CWE","id":"787","type":"classifiers","url":null},{"id_type":"IAVA","id":"2024-A-0739","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-47441","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47441"},{"id_type":"cve","id":"CVE-2024-47442","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47442"},{"id_type":"cve","id":"CVE-2024-47443","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47443"},{"id_type":"cve","id":"CVE-2024-47444","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47444"},{"id_type":"cve","id":"CVE-2024-47445","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47445"},{"id_type":"cve","id":"CVE-2024-47446","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47446"},{"id_type":null,"id":null,"type":"unknown","url":"https://helpx.adobe.com/security/products/after_effects/apsb24-85.html"}],"description":"The version of Adobe After Effects installed on the remote Windows host is prior to 24.6.3. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB24-85 advisory.\n\n - Out-of-bounds Write (CWE-787) potentially leading to Arbitrary code execution (CVE-2024-47441, CVE-2024-47442, CVE-2024-47443)\n\n - Out-of-bounds Read (CWE-125) potentially leading to Memory leak (CVE-2024-47444, CVE-2024-47445, CVE-2024-47446)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"210846","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The Adobe After Effects instance installed on the remote host is affected by multiple vulnerabilities.","script_name":"Adobe After Effects \u003c 24.6.3 Multiple Vulnerabilities (APSB24-85)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Adobe After Effects version 24.6.3 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-12T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":6.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.3,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.2,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Windows","xrefs":{"CWE":["125","787"],"IAVA":["2024-A-0739"]},"pluginPublicationDate":"11/12/2024","pluginModificationDate":"11/15/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1731369600000,"210846"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"210845","_score":null,"_source":{"plugin_modification_date":"2024-11-15T00:00:00","references":[{"id_type":"CWE","id":"125","type":"classifiers","url":null},{"id_type":"IAVA","id":"2024-A-0738","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-47449","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47449"},{"id_type":null,"id":null,"type":"unknown","url":"https://helpx.adobe.com/security/products/audition/apsb24-83.html"}],"description":"The version of Adobe Audition installed on the remote Windows host is prior to 24.6.3. It is, therefore, affected by a vulnerability as referenced in the APSB24-83 advisory.\n\n - Out-of-bounds Read (CWE-125) potentially leading to Memory leak (CVE-2024-47449)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"Medium","script_id":"210845","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The Adobe Audition instance installed on the remote host is affected by a memory leak vulnerability.","script_name":"Adobe Audition \u003c 24.6.3 Memory leak (APSB24-83)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Adobe Audition version 24.6.3 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-12T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N","cvssv3_temporal_score":4.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:N/C:C/I:N/A:N","cvssv3_vector_base":"AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvssv4_vector":null,"cvssv2_temporal_score":3.6,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.9,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"4.4","script_family":"Windows","xrefs":{"CWE":["125"],"IAVA":["2024-A-0738"]},"pluginPublicationDate":"11/12/2024","pluginModificationDate":"11/15/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1731369600000,"210845"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"210778","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"IAVA","id":"2024-A-0743-S","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-11110","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11110"},{"id_type":"cve","id":"CVE-2024-11111","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11111"},{"id_type":"cve","id":"CVE-2024-11112","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11112"},{"id_type":"cve","id":"CVE-2024-11113","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11113"},{"id_type":"cve","id":"CVE-2024-11114","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11114"},{"id_type":"cve","id":"CVE-2024-11115","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11115"},{"id_type":"cve","id":"CVE-2024-11116","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11116"},{"id_type":"cve","id":"CVE-2024-11117","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11117"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?2596518d"},{"id_type":null,"id":null,"type":"unknown","url":"https://crbug.com/373263969"},{"id_type":null,"id":null,"type":"unknown","url":"https://crbug.com/360520331"},{"id_type":null,"id":null,"type":"unknown","url":"https://crbug.com/354824998"},{"id_type":null,"id":null,"type":"unknown","url":"https://crbug.com/360274917"},{"id_type":null,"id":null,"type":"unknown","url":"https://crbug.com/370856871"},{"id_type":null,"id":null,"type":"unknown","url":"https://crbug.com/371929521"},{"id_type":null,"id":null,"type":"unknown","url":"https://crbug.com/40942531"},{"id_type":null,"id":null,"type":"unknown","url":"https://crbug.com/40062534"}],"thorough_tests":true,"description":"The version of Google Chrome installed on the remote Windows host is prior to 131.0.6778.69. It is, therefore, affected by multiple vulnerabilities as referenced in the 2024_11_stable-channel-update-for-desktop_12 advisory.\n\n - Inappropriate implementation in Blink. (CVE-2024-11110)\n\n - Inappropriate implementation in Autofill. (CVE-2024-11111)\n\n - Use after free in Media. (CVE-2024-11112)\n\n - Use after free in Accessibility. (CVE-2024-11113)\n\n - Inappropriate implementation in Views. (CVE-2024-11114)\n\n - Insufficient policy enforcement in Navigation. (CVE-2024-11115)\n\n - Inappropriate implementation in Paint. (CVE-2024-11116)\n\n - Inappropriate implementation in FileSystem. (CVE-2024-11117)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"Critical","script_id":"210778","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.","script_name":"Google Chrome \u003c 131.0.6778.69 Multiple Vulnerabilities","language_code":"en_US","supported_sensors":[{"label":"Frictionless Assessment AWS","value":"fa_aws"},{"label":"Frictionless Assessment Azure","value":"fa_azure"},{"label":"Frictionless Assessment Agent","value":"fa_agent"},{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Google Chrome version 131.0.6778.69 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-12T00:00:00","cvss":{"cvssv3_score":8.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":7.7,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"8.1","script_family":"Windows","xrefs":{"IAVA":["2024-A-0743-S"]},"pluginPublicationDate":"11/12/2024","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":["pluginDetailsConfigurationThoroughTests"],"cvssV2Severity":"Critical","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"High","severity":"Critical"},"sort":[1731369600000,"210778"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"210773","_score":null,"_source":{"plugin_modification_date":"2024-11-18T00:00:00","references":[{"id_type":"CWE","id":"122","type":"classifiers","url":null},{"id_type":"CWE","id":"125","type":"classifiers","url":null},{"id_type":"CWE","id":"476","type":"classifiers","url":null},{"id_type":"CWE","id":"787","type":"classifiers","url":null},{"id_type":"IAVA","id":"2024-A-0718","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2024-45114","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45114"},{"id_type":"cve","id":"CVE-2024-47450","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47450"},{"id_type":"cve","id":"CVE-2024-47451","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47451"},{"id_type":"cve","id":"CVE-2024-47452","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47452"},{"id_type":"cve","id":"CVE-2024-47453","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47453"},{"id_type":"cve","id":"CVE-2024-47454","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47454"},{"id_type":"cve","id":"CVE-2024-47455","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47455"},{"id_type":"cve","id":"CVE-2024-47456","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47456"},{"id_type":"cve","id":"CVE-2024-47457","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47457"},{"id_type":null,"id":null,"type":"unknown","url":"https://helpx.adobe.com/security/products/illustrator/apsb24-87.html"}],"description":"The version of Adobe Illustrator installed on the remote Windows host is prior to 28.7.2. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB24-87 advisory.\n\n - Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2024-45114, CVE-2024-47451, CVE-2024-47452)\n\n - Illustrator versions 28.7.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2024-47450)\n\n - Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2024-47453, CVE-2024-47454, CVE-2024-47455, CVE-2024-47456)\n\n - Illustrator versions 28.7.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2024-47457)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"210773","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The Adobe Illustrator instance installed on the remote host is affected by multiple vulnerabilities.","script_name":"Adobe Illustrator \u003c 28.7.2 Multiple Vulnerabilities (APSB24-87)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Adobe Illustrator version 28.7.2 or later.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2024-11-12T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":6.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.3,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.2,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Windows","xrefs":{"CWE":["122","125","476","787"],"IAVA":["2024-A-0718"]},"pluginPublicationDate":"11/12/2024","pluginModificationDate":"11/18/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1731369600000,"210773"]}],"total":7164,"type":"nessus","family":"Windows","page":1,"apiUrl":"https://www.tenable.com/plugins/api/v1/nessus/families/Windows?page=1"},"cookies":{},"user":null,"flash":null,"env":{"baseUrl":"https://www.tenable.com","host":"www.tenable.com","ga4TrackingId":""},"isUnsupportedBrowser":true,"__N_SSP":true},"page":"/plugins/[type]/families/[family]","query":{"type":"nessus","family":"Windows"},"buildId":"l4vcnKDxIXiOkUtvMoFnX","isFallback":false,"isExperimentalCompile":false,"gssp":true,"appGip":true,"locale":"en","locales":["en","de","es","fr","ja","ko","zh-CN","zh-TW"],"defaultLocale":"en","domainLocales":[{"domain":"www.tenable.com","defaultLocale":"en"},{"domain":"de.tenable.com","defaultLocale":"de"},{"domain":"es-la.tenable.com","defaultLocale":"es"},{"domain":"fr.tenable.com","defaultLocale":"fr"},{"domain":"jp.tenable.com","defaultLocale":"ja"},{"domain":"kr.tenable.com","defaultLocale":"ko"},{"domain":"www.tenablecloud.cn","defaultLocale":"zh-CN"},{"domain":"zh-tw.tenable.com","defaultLocale":"zh-TW"}],"scriptLoader":[]}</script></body></html>