CINXE.COM

<!DOCTYPE html><html lang="en"><head><meta charSet="utf-8"/><title>Recently Updated Plugins | Tenable®</title><meta name="description" content="Listing recently updated plugins."/><meta property="og:title" content="Recently Updated Plugins"/><meta property="og:description" content="Listing recently updated plugins."/><meta name="twitter:title" content="Recently Updated Plugins"/><meta name="twitter:description" content="Listing recently updated plugins."/><meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"/><meta name="viewport" content="width=device-width, initial-scale=1"/><link rel="apple-touch-icon" sizes="180x180" href="https://www.tenable.com/themes/custom/tenable/img/favicons/apple-touch-icon.png"/><link rel="manifest" href="https://www.tenable.com/themes/custom/tenable/img/favicons/manifest.json"/><link rel="mask-icon" href="https://www.tenable.com/themes/custom/tenable/img/favicons/safari-pinned-tab.svg" color="#0071dd"/><link rel="icon" href="https://www.tenable.com/favicon.ico" sizes="any"/><link rel="icon" href="https://www.tenable.com/themes/custom/tenable/img/favicons/favicon.svg" type="image/svg+xml"/><meta name="msapplication-config" content="https://www.tenable.com/themes/custom/tenable/img/favicons/browserconfig.xml"/><meta name="theme-color" content="#ffffff"/><link rel="canonical" href="https://www.tenable.com/plugins/updated"/><link rel="alternate" hrefLang="x-default" href="https://www.tenable.com/plugins/updated"/><link rel="alternate" hrefLang="en" href="https://www.tenable.com/plugins/updated"/><link rel="alternate" hrefLang="de" href="https://de.tenable.com/plugins/updated"/><link rel="alternate" hrefLang="es" href="https://es-la.tenable.com/plugins/updated"/><link rel="alternate" hrefLang="fr" href="https://fr.tenable.com/plugins/updated"/><link rel="alternate" hrefLang="ja" href="https://jp.tenable.com/plugins/updated"/><link rel="alternate" hrefLang="ko" href="https://kr.tenable.com/plugins/updated"/><link rel="alternate" hrefLang="zh-CN" href="https://www.tenablecloud.cn/plugins/updated"/><link rel="alternate" hrefLang="zh-TW" href="https://zh-tw.tenable.com/plugins/updated"/><meta name="next-head-count" content="26"/><script type="text/javascript">window.NREUM||(NREUM={});NREUM.info = {"agent":"","beacon":"bam.nr-data.net","errorBeacon":"bam.nr-data.net","licenseKey":"5febff3e0e","applicationID":"96358297","agentToken":null,"applicationTime":126.028299,"transactionName":"MVBabEEHChVXU0IIXggab11RIBYHW1VBDkMNYEpRHCgBHkJaRU52I2EXF0MKEQFfXkVORBZRWUxWAg==","queueTime":0,"ttGuid":"7ae69ca0e5aa5ba0"}; (window.NREUM||(NREUM={})).init={ajax:{deny_list:["bam.nr-data.net"]}};(window.NREUM||(NREUM={})).loader_config={licenseKey:"5febff3e0e",applicationID:"96358297"};;/*! For license information please see nr-loader-rum-1.274.0.min.js.LICENSE.txt */ (()=>{var e,t,r={8122:(e,t,r)=>{"use strict";r.d(t,{a:()=>i});var n=r(944);function i(e,t){try{if(!e||"object"!=typeof e)return(0,n.R)(3);if(!t||"object"!=typeof t)return(0,n.R)(4);const r=Object.create(Object.getPrototypeOf(t),Object.getOwnPropertyDescriptors(t)),o=0===Object.keys(r).length?e:r;for(let a in o)if(void 0!==e[a])try{if(null===e[a]){r[a]=null;continue}Array.isArray(e[a])&&Array.isArray(t[a])?r[a]=Array.from(new Set([...e[a],...t[a]])):"object"==typeof e[a]&&"object"==typeof t[a]?r[a]=i(e[a],t[a]):r[a]=e[a]}catch(e){(0,n.R)(1,e)}return r}catch(e){(0,n.R)(2,e)}}},2555:(e,t,r)=>{"use strict";r.d(t,{Vp:()=>c,fn:()=>s,x1:()=>u});var n=r(384),i=r(8122);const o={beacon:n.NT.beacon,errorBeacon:n.NT.errorBeacon,licenseKey:void 0,applicationID:void 0,sa:void 0,queueTime:void 0,applicationTime:void 0,ttGuid:void 0,user:void 0,account:void 0,product:void 0,extra:void 0,jsAttributes:{},userAttributes:void 0,atts:void 0,transactionName:void 0,tNamePlain:void 0},a={};function s(e){try{const t=c(e);return!!t.licenseKey&&!!t.errorBeacon&&!!t.applicationID}catch(e){return!1}}function c(e){if(!e)throw new Error("All info objects require an agent identifier!");if(!a[e])throw new Error("Info for ".concat(e," was never set"));return a[e]}function u(e,t){if(!e)throw new Error("All info objects require an agent identifier!");a[e]=(0,i.a)(t,o);const r=(0,n.nY)(e);r&&(r.info=a[e])}},9417:(e,t,r)=>{"use strict";r.d(t,{D0:()=>g,gD:()=>h,xN:()=>p});var n=r(993);const i=e=>{if(!e||"string"!=typeof e)return!1;try{document.createDocumentFragment().querySelector(e)}catch{return!1}return!0};var o=r(2614),a=r(944),s=r(384),c=r(8122);const u="[data-nr-mask]",d=()=>{const e={mask_selector:"*",block_selector:"[data-nr-block]",mask_input_options:{color:!1,date:!1,"datetime-local":!1,email:!1,month:!1,number:!1,range:!1,search:!1,tel:!1,text:!1,time:!1,url:!1,week:!1,textarea:!1,select:!1,password:!0}};return{ajax:{deny_list:void 0,block_internal:!0,enabled:!0,harvestTimeSeconds:10,autoStart:!0},distributed_tracing:{enabled:void 0,exclude_newrelic_header:void 0,cors_use_newrelic_header:void 0,cors_use_tracecontext_headers:void 0,allowed_origins:void 0},feature_flags:[],generic_events:{enabled:!0,harvestTimeSeconds:30,autoStart:!0},harvest:{tooManyRequestsDelay:60},jserrors:{enabled:!0,harvestTimeSeconds:10,autoStart:!0},logging:{enabled:!0,harvestTimeSeconds:10,autoStart:!0,level:n.p_.INFO},metrics:{enabled:!0,autoStart:!0},obfuscate:void 0,page_action:{enabled:!0},page_view_event:{enabled:!0,autoStart:!0},page_view_timing:{enabled:!0,harvestTimeSeconds:30,autoStart:!0},performance:{capture_marks:!1,capture_measures:!1},privacy:{cookies_enabled:!0},proxy:{assets:void 0,beacon:void 0},session:{expiresMs:o.wk,inactiveMs:o.BB},session_replay:{autoStart:!0,enabled:!1,harvestTimeSeconds:60,preload:!1,sampling_rate:10,error_sampling_rate:100,collect_fonts:!1,inline_images:!1,fix_stylesheets:!0,mask_all_inputs:!0,get mask_text_selector(){return e.mask_selector},set mask_text_selector(t){i(t)?e.mask_selector="".concat(t,",").concat(u):""===t||null===t?e.mask_selector=u:(0,a.R)(5,t)},get block_class(){return"nr-block"},get ignore_class(){return"nr-ignore"},get mask_text_class(){return"nr-mask"},get block_selector(){return e.block_selector},set block_selector(t){i(t)?e.block_selector+=",".concat(t):""!==t&&(0,a.R)(6,t)},get mask_input_options(){return e.mask_input_options},set mask_input_options(t){t&&"object"==typeof t?e.mask_input_options={...t,password:!0}:(0,a.R)(7,t)}},session_trace:{enabled:!0,harvestTimeSeconds:10,autoStart:!0},soft_navigations:{enabled:!0,harvestTimeSeconds:10,autoStart:!0},spa:{enabled:!0,harvestTimeSeconds:10,autoStart:!0},ssl:void 0,user_actions:{enabled:!0}}},l={},f="All configuration objects require an agent identifier!";function g(e){if(!e)throw new Error(f);if(!l[e])throw new Error("Configuration for ".concat(e," was never set"));return l[e]}function p(e,t){if(!e)throw new Error(f);l[e]=(0,c.a)(t,d());const r=(0,s.nY)(e);r&&(r.init=l[e])}function h(e,t){if(!e)throw new Error(f);var r=g(e);if(r){for(var n=t.split("."),i=0;i<n.length-1;i++)if("object"!=typeof(r=r[n[i]]))return;r=r[n[n.length-1]]}return r}},3371:(e,t,r)=>{"use strict";r.d(t,{V:()=>f,f:()=>l});var n=r(8122),i=r(384),o=r(6154),a=r(9324);let s=0;const c={buildEnv:a.F3,distMethod:a.Xs,version:a.xv,originTime:o.WN},u={customTransaction:void 0,disabled:!1,isolatedBacklog:!1,loaderType:void 0,maxBytes:3e4,onerror:void 0,ptid:void 0,releaseIds:{},appMetadata:{},session:void 0,denyList:void 0,timeKeeper:void 0,obfuscator:void 0},d={};function l(e){if(!e)throw new Error("All runtime objects require an agent identifier!");if(!d[e])throw new Error("Runtime for ".concat(e," was never set"));return d[e]}function f(e,t){if(!e)throw new Error("All runtime objects require an agent identifier!");d[e]={...(0,n.a)(t,u),...c},Object.hasOwnProperty.call(d[e],"harvestCount")||Object.defineProperty(d[e],"harvestCount",{get:()=>++s});const r=(0,i.nY)(e);r&&(r.runtime=d[e])}},9324:(e,t,r)=>{"use strict";r.d(t,{F3:()=>i,Xs:()=>o,xv:()=>n});const n="1.274.0",i="PROD",o="CDN"},6154:(e,t,r)=>{"use strict";r.d(t,{OF:()=>c,RI:()=>i,WN:()=>d,bv:()=>o,gm:()=>a,mw:()=>s,sb:()=>u});var n=r(1863);const i="undefined"!=typeof window&&!!window.document,o="undefined"!=typeof WorkerGlobalScope&&("undefined"!=typeof self&&self instanceof WorkerGlobalScope&&self.navigator instanceof WorkerNavigator||"undefined"!=typeof globalThis&&globalThis instanceof WorkerGlobalScope&&globalThis.navigator instanceof WorkerNavigator),a=i?window:"undefined"!=typeof WorkerGlobalScope&&("undefined"!=typeof self&&self instanceof WorkerGlobalScope&&self||"undefined"!=typeof globalThis&&globalThis instanceof WorkerGlobalScope&&globalThis),s=Boolean("hidden"===a?.document?.visibilityState),c=/iPad|iPhone|iPod/.test(a.navigator?.userAgent),u=c&&"undefined"==typeof SharedWorker,d=((()=>{const e=a.navigator?.userAgent?.match(/Firefox[/\s](\d+\.\d+)/);Array.isArray(e)&&e.length>=2&&e[1]})(),Date.now()-(0,n.t)())},1687:(e,t,r)=>{"use strict";r.d(t,{Ak:()=>c,Ze:()=>l,x3:()=>u});var n=r(7836),i=r(3606),o=r(860),a=r(2646);const s={};function c(e,t){const r={staged:!1,priority:o.P3[t]||0};d(e),s[e].get(t)||s[e].set(t,r)}function u(e,t){e&&s[e]&&(s[e].get(t)&&s[e].delete(t),g(e,t,!1),s[e].size&&f(e))}function d(e){if(!e)throw new Error("agentIdentifier required");s[e]||(s[e]=new Map)}function l(e="",t="feature",r=!1){if(d(e),!e||!s[e].get(t)||r)return g(e,t);s[e].get(t).staged=!0,f(e)}function f(e){const t=Array.from(s[e]);t.every((([e,t])=>t.staged))&&(t.sort(((e,t)=>e[1].priority-t[1].priority)),t.forEach((([t])=>{s[e].delete(t),g(e,t)})))}function g(e,t,r=!0){const o=e?n.ee.get(e):n.ee,s=i.i.handlers;if(!o.aborted&&o.backlog&&s){if(r){const e=o.backlog[t],r=s[t];if(r){for(let t=0;e&&t<e.length;++t)p(e[t],r);Object.entries(r).forEach((([e,t])=>{Object.values(t||{}).forEach((t=>{t[0]?.on&&t[0]?.context()instanceof a.y&&t[0].on(e,t[1])}))}))}}o.isolatedBacklog||delete s[t],o.backlog[t]=null,o.emit("drain-"+t,[])}}function p(e,t){var r=e[1];Object.values(t[r]||{}).forEach((t=>{var r=e[0];if(t[0]===r){var n=t[1],i=e[3],o=e[2];n.apply(i,o)}}))}},7836:(e,t,r)=>{"use strict";r.d(t,{P:()=>c,ee:()=>u});var n=r(384),i=r(8990),o=r(3371),a=r(2646),s=r(5607);const c="nr@context:".concat(s.W),u=function e(t,r){var n={},s={},d={},l=!1;try{l=16===r.length&&(0,o.f)(r).isolatedBacklog}catch(e){}var f={on:p,addEventListener:p,removeEventListener:function(e,t){var r=n[e];if(!r)return;for(var i=0;i<r.length;i++)r[i]===t&&r.splice(i,1)},emit:function(e,r,n,i,o){!1!==o&&(o=!0);if(u.aborted&&!i)return;t&&o&&t.emit(e,r,n);for(var a=g(n),c=h(e),d=c.length,l=0;l<d;l++)c[l].apply(a,r);var p=m()[s[e]];p&&p.push([f,e,r,a]);return a},get:v,listeners:h,context:g,buffer:function(e,t){const r=m();if(t=t||"feature",f.aborted)return;Object.entries(e||{}).forEach((([e,n])=>{s[n]=t,t in r||(r[t]=[])}))},abort:function(){f._aborted=!0,Object.keys(f.backlog).forEach((e=>{delete f.backlog[e]}))},isBuffering:function(e){return!!m()[s[e]]},debugId:r,backlog:l?{}:t&&"object"==typeof t.backlog?t.backlog:{},isolatedBacklog:l};return Object.defineProperty(f,"aborted",{get:()=>{let e=f._aborted||!1;return e||(t&&(e=t.aborted),e)}}),f;function g(e){return e&&e instanceof a.y?e:e?(0,i.I)(e,c,(()=>new a.y(c))):new a.y(c)}function p(e,t){n[e]=h(e).concat(t)}function h(e){return n[e]||[]}function v(t){return d[t]=d[t]||e(f,t)}function m(){return f.backlog}}(void 0,"globalEE"),d=(0,n.Zm)();d.ee||(d.ee=u)},2646:(e,t,r)=>{"use strict";r.d(t,{y:()=>n});class n{constructor(e){this.contextId=e}}},9908:(e,t,r)=>{"use strict";r.d(t,{d:()=>n,p:()=>i});var n=r(7836).ee.get("handle");function i(e,t,r,i,o){o?(o.buffer([e],i),o.emit(e,t,r)):(n.buffer([e],i),n.emit(e,t,r))}},3606:(e,t,r)=>{"use strict";r.d(t,{i:()=>o});var n=r(9908);o.on=a;var i=o.handlers={};function o(e,t,r,o){a(o||n.d,i,e,t,r)}function a(e,t,r,i,o){o||(o="feature"),e||(e=n.d);var a=t[o]=t[o]||{};(a[r]=a[r]||[]).push([e,i])}},3878:(e,t,r)=>{"use strict";function n(e,t){return{capture:e,passive:!1,signal:t}}function i(e,t,r=!1,i){window.addEventListener(e,t,n(r,i))}function o(e,t,r=!1,i){document.addEventListener(e,t,n(r,i))}r.d(t,{DD:()=>o,jT:()=>n,sp:()=>i})},5607:(e,t,r)=>{"use strict";r.d(t,{W:()=>n});const n=(0,r(9566).bz)()},9566:(e,t,r)=>{"use strict";r.d(t,{LA:()=>s,bz:()=>a});var n=r(6154);const i="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx";function o(e,t){return e?15&e[t]:16*Math.random()|0}function a(){const e=n.gm?.crypto||n.gm?.msCrypto;let t,r=0;return e&&e.getRandomValues&&(t=e.getRandomValues(new Uint8Array(30))),i.split("").map((e=>"x"===e?o(t,r++).toString(16):"y"===e?(3&o()|8).toString(16):e)).join("")}function s(e){const t=n.gm?.crypto||n.gm?.msCrypto;let r,i=0;t&&t.getRandomValues&&(r=t.getRandomValues(new Uint8Array(e)));const a=[];for(var s=0;s<e;s++)a.push(o(r,i++).toString(16));return a.join("")}},2614:(e,t,r)=>{"use strict";r.d(t,{BB:()=>a,H3:()=>n,g:()=>u,iL:()=>c,tS:()=>s,uh:()=>i,wk:()=>o});const n="NRBA",i="SESSION",o=144e5,a=18e5,s={STARTED:"session-started",PAUSE:"session-pause",RESET:"session-reset",RESUME:"session-resume",UPDATE:"session-update"},c={SAME_TAB:"same-tab",CROSS_TAB:"cross-tab"},u={OFF:0,FULL:1,ERROR:2}},1863:(e,t,r)=>{"use strict";function n(){return Math.floor(performance.now())}r.d(t,{t:()=>n})},944:(e,t,r)=>{"use strict";function n(e,t){"function"==typeof console.debug&&console.debug("New Relic Warning: https://github.com/newrelic/newrelic-browser-agent/blob/main/docs/warning-codes.md#".concat(e),t)}r.d(t,{R:()=>n})},5284:(e,t,r)=>{"use strict";r.d(t,{t:()=>c,B:()=>s});var n=r(7836),i=r(6154);const o="newrelic";const a=new Set,s={};function c(e,t){const r=n.ee.get(t);s[t]??={},e&&"object"==typeof e&&(a.has(t)||(r.emit("rumresp",[e]),s[t]=e,a.add(t),function(e={}){try{i.gm.dispatchEvent(new CustomEvent(o,{detail:e}))}catch(e){}}({loaded:!0})))}},8990:(e,t,r)=>{"use strict";r.d(t,{I:()=>i});var n=Object.prototype.hasOwnProperty;function i(e,t,r){if(n.call(e,t))return e[t];var i=r();if(Object.defineProperty&&Object.keys)try{return Object.defineProperty(e,t,{value:i,writable:!0,enumerable:!1}),i}catch(e){}return e[t]=i,i}},6389:(e,t,r)=>{"use strict";function n(e,t=500,r={}){const n=r?.leading||!1;let i;return(...r)=>{n&&void 0===i&&(e.apply(this,r),i=setTimeout((()=>{i=clearTimeout(i)}),t)),n||(clearTimeout(i),i=setTimeout((()=>{e.apply(this,r)}),t))}}function i(e){let t=!1;return(...r)=>{t||(t=!0,e.apply(this,r))}}r.d(t,{J:()=>i,s:()=>n})},5289:(e,t,r)=>{"use strict";r.d(t,{GG:()=>o,sB:()=>a});var n=r(3878);function i(){return"undefined"==typeof document||"complete"===document.readyState}function o(e,t){if(i())return e();(0,n.sp)("load",e,t)}function a(e){if(i())return e();(0,n.DD)("DOMContentLoaded",e)}},384:(e,t,r)=>{"use strict";r.d(t,{NT:()=>o,US:()=>d,Zm:()=>a,bQ:()=>c,dV:()=>s,nY:()=>u,pV:()=>l});var n=r(6154),i=r(1863);const o={beacon:"bam.nr-data.net",errorBeacon:"bam.nr-data.net"};function a(){return n.gm.NREUM||(n.gm.NREUM={}),void 0===n.gm.newrelic&&(n.gm.newrelic=n.gm.NREUM),n.gm.NREUM}function s(){let e=a();return e.o||(e.o={ST:n.gm.setTimeout,SI:n.gm.setImmediate,CT:n.gm.clearTimeout,XHR:n.gm.XMLHttpRequest,REQ:n.gm.Request,EV:n.gm.Event,PR:n.gm.Promise,MO:n.gm.MutationObserver,FETCH:n.gm.fetch,WS:n.gm.WebSocket}),e}function c(e,t){let r=a();r.initializedAgents??={},t.initializedAt={ms:(0,i.t)(),date:new Date},r.initializedAgents[e]=t}function u(e){let t=a();return t.initializedAgents?.[e]}function d(e,t){a()[e]=t}function l(){return function(){let e=a();const t=e.info||{};e.info={beacon:o.beacon,errorBeacon:o.errorBeacon,...t}}(),function(){let e=a();const t=e.init||{};e.init={...t}}(),s(),function(){let e=a();const t=e.loader_config||{};e.loader_config={...t}}(),a()}},2843:(e,t,r)=>{"use strict";r.d(t,{u:()=>i});var n=r(3878);function i(e,t=!1,r,i){(0,n.DD)("visibilitychange",(function(){if(t)return void("hidden"===document.visibilityState&&e());e(document.visibilityState)}),r,i)}},3434:(e,t,r)=>{"use strict";r.d(t,{YM:()=>c});var n=r(7836),i=r(5607);const o="nr@original:".concat(i.W);var a=Object.prototype.hasOwnProperty,s=!1;function c(e,t){return e||(e=n.ee),r.inPlace=function(e,t,n,i,o){n||(n="");const a="-"===n.charAt(0);for(let s=0;s<t.length;s++){const c=t[s],u=e[c];d(u)||(e[c]=r(u,a?c+n:n,i,c,o))}},r.flag=o,r;function r(t,r,n,s,c){return d(t)?t:(r||(r=""),nrWrapper[o]=t,function(e,t,r){if(Object.defineProperty&&Object.keys)try{return Object.keys(e).forEach((function(r){Object.defineProperty(t,r,{get:function(){return e[r]},set:function(t){return e[r]=t,t}})})),t}catch(e){u([e],r)}for(var n in e)a.call(e,n)&&(t[n]=e[n])}(t,nrWrapper,e),nrWrapper);function nrWrapper(){var o,a,d,l;try{a=this,o=[...arguments],d="function"==typeof n?n(o,a):n||{}}catch(t){u([t,"",[o,a,s],d],e)}i(r+"start",[o,a,s],d,c);try{return l=t.apply(a,o)}catch(e){throw i(r+"err",[o,a,e],d,c),e}finally{i(r+"end",[o,a,l],d,c)}}}function i(r,n,i,o){if(!s||t){var a=s;s=!0;try{e.emit(r,n,i,t,o)}catch(t){u([t,r,n,i],e)}s=a}}}function u(e,t){t||(t=n.ee);try{t.emit("internal-error",e)}catch(e){}}function d(e){return!(e&&"function"==typeof e&&e.apply&&!e[o])}},993:(e,t,r)=>{"use strict";r.d(t,{ET:()=>o,p_:()=>i});var n=r(860);const i={ERROR:"ERROR",WARN:"WARN",INFO:"INFO",DEBUG:"DEBUG",TRACE:"TRACE"},o="log";n.K7.logging},3969:(e,t,r)=>{"use strict";r.d(t,{TZ:()=>n,XG:()=>s,rs:()=>i,xV:()=>a,z_:()=>o});const n=r(860).K7.metrics,i="sm",o="cm",a="storeSupportabilityMetrics",s="storeEventMetrics"},6630:(e,t,r)=>{"use strict";r.d(t,{T:()=>n});const n=r(860).K7.pageViewEvent},782:(e,t,r)=>{"use strict";r.d(t,{T:()=>n});const n=r(860).K7.pageViewTiming},6344:(e,t,r)=>{"use strict";r.d(t,{G4:()=>i});var n=r(2614);r(860).K7.sessionReplay;const i={RECORD:"recordReplay",PAUSE:"pauseReplay",REPLAY_RUNNING:"replayRunning",ERROR_DURING_REPLAY:"errorDuringReplay"};n.g.ERROR,n.g.FULL,n.g.OFF},4234:(e,t,r)=>{"use strict";r.d(t,{W:()=>o});var n=r(7836),i=r(1687);class o{constructor(e,t){this.agentIdentifier=e,this.ee=n.ee.get(e),this.featureName=t,this.blocked=!1}deregisterDrain(){(0,i.x3)(this.agentIdentifier,this.featureName)}}},7603:(e,t,r)=>{"use strict";r.d(t,{j:()=>P});var n=r(860),i=r(2555),o=r(3371),a=r(9908),s=r(7836),c=r(1687),u=r(5289),d=r(6154),l=r(944),f=r(3969),g=r(384),p=r(6344);const h=["setErrorHandler","finished","addToTrace","addRelease","addPageAction","setCurrentRouteName","setPageViewName","setCustomAttribute","interaction","noticeError","setUserId","setApplicationVersion","start",p.G4.RECORD,p.G4.PAUSE,"log","wrapLogger"],v=["setErrorHandler","finished","addToTrace","addRelease"];var m=r(1863),b=r(2614),y=r(993);var w=r(2646),A=r(3434);function R(e,t,r,n){if("object"!=typeof t||!t||"string"!=typeof r||!r||"function"!=typeof t[r])return(0,l.R)(29);const i=function(e){return(e||s.ee).get("logger")}(e),o=(0,A.YM)(i),a=new w.y(s.P);return a.level=n.level,a.customAttributes=n.customAttributes,o.inPlace(t,[r],"wrap-logger-",a),i}function E(){const e=(0,g.pV)();h.forEach((t=>{e[t]=(...r)=>function(t,...r){let n=[];return Object.values(e.initializedAgents).forEach((e=>{e&&e.api?e.exposed&&e.api[t]&&n.push(e.api[t](...r)):(0,l.R)(38,t)})),n.length>1?n:n[0]}(t,...r)}))}const x={};function _(e,t,g=!1){t||(0,c.Ak)(e,"api");const h={};var w=s.ee.get(e),A=w.get("tracer");x[e]=b.g.OFF,w.on(p.G4.REPLAY_RUNNING,(t=>{x[e]=t}));var E="api-",_=E+"ixn-";function N(t,r,n,o){const a=(0,i.Vp)(e);return null===r?delete a.jsAttributes[t]:(0,i.x1)(e,{...a,jsAttributes:{...a.jsAttributes,[t]:r}}),j(E,n,!0,o||null===r?"session":void 0)(t,r)}function T(){}h.log=function(e,{customAttributes:t={},level:r=y.p_.INFO}={}){(0,a.p)(f.xV,["API/log/called"],void 0,n.K7.metrics,w),function(e,t,r={},i=y.p_.INFO){(0,a.p)(f.xV,["API/logging/".concat(i.toLowerCase(),"/called")],void 0,n.K7.metrics,e),(0,a.p)(y.ET,[(0,m.t)(),t,r,i],void 0,n.K7.logging,e)}(w,e,t,r)},h.wrapLogger=(e,t,{customAttributes:r={},level:i=y.p_.INFO}={})=>{(0,a.p)(f.xV,["API/wrapLogger/called"],void 0,n.K7.metrics,w),R(w,e,t,{customAttributes:r,level:i})},v.forEach((e=>{h[e]=j(E,e,!0,"api")})),h.addPageAction=j(E,"addPageAction",!0,n.K7.genericEvents),h.setPageViewName=function(t,r){if("string"==typeof t)return"/"!==t.charAt(0)&&(t="/"+t),(0,o.f)(e).customTransaction=(r||"http://custom.transaction")+t,j(E,"setPageViewName",!0)()},h.setCustomAttribute=function(e,t,r=!1){if("string"==typeof e){if(["string","number","boolean"].includes(typeof t)||null===t)return N(e,t,"setCustomAttribute",r);(0,l.R)(40,typeof t)}else(0,l.R)(39,typeof e)},h.setUserId=function(e){if("string"==typeof e||null===e)return N("enduser.id",e,"setUserId",!0);(0,l.R)(41,typeof e)},h.setApplicationVersion=function(e){if("string"==typeof e||null===e)return N("application.version",e,"setApplicationVersion",!1);(0,l.R)(42,typeof e)},h.start=()=>{try{(0,a.p)(f.xV,["API/start/called"],void 0,n.K7.metrics,w),w.emit("manual-start-all")}catch(e){(0,l.R)(23,e)}},h[p.G4.RECORD]=function(){(0,a.p)(f.xV,["API/recordReplay/called"],void 0,n.K7.metrics,w),(0,a.p)(p.G4.RECORD,[],void 0,n.K7.sessionReplay,w)},h[p.G4.PAUSE]=function(){(0,a.p)(f.xV,["API/pauseReplay/called"],void 0,n.K7.metrics,w),(0,a.p)(p.G4.PAUSE,[],void 0,n.K7.sessionReplay,w)},h.interaction=function(e){return(new T).get("object"==typeof e?e:{})};const S=T.prototype={createTracer:function(e,t){var r={},i=this,o="function"==typeof t;return(0,a.p)(f.xV,["API/createTracer/called"],void 0,n.K7.metrics,w),g||(0,a.p)(_+"tracer",[(0,m.t)(),e,r],i,n.K7.spa,w),function(){if(A.emit((o?"":"no-")+"fn-start",[(0,m.t)(),i,o],r),o)try{return t.apply(this,arguments)}catch(e){const t="string"==typeof e?new Error(e):e;throw A.emit("fn-err",[arguments,this,t],r),t}finally{A.emit("fn-end",[(0,m.t)()],r)}}}};function j(e,t,r,i){return function(){return(0,a.p)(f.xV,["API/"+t+"/called"],void 0,n.K7.metrics,w),i&&(0,a.p)(e+t,[(0,m.t)(),...arguments],r?null:this,i,w),r?void 0:this}}function k(){r.e(296).then(r.bind(r,8778)).then((({setAPI:t})=>{t(e),(0,c.Ze)(e,"api")})).catch((e=>{(0,l.R)(27,e),w.abort()}))}return["actionText","setName","setAttribute","save","ignore","onEnd","getContext","end","get"].forEach((e=>{S[e]=j(_,e,void 0,g?n.K7.softNav:n.K7.spa)})),h.setCurrentRouteName=g?j(_,"routeName",void 0,n.K7.softNav):j(E,"routeName",!0,n.K7.spa),h.noticeError=function(t,r){"string"==typeof t&&(t=new Error(t)),(0,a.p)(f.xV,["API/noticeError/called"],void 0,n.K7.metrics,w),(0,a.p)("err",[t,(0,m.t)(),!1,r,!!x[e]],void 0,n.K7.jserrors,w)},d.RI?(0,u.GG)((()=>k()),!0):k(),h}var N=r(9417),T=r(8122);const S={accountID:void 0,trustKey:void 0,agentID:void 0,licenseKey:void 0,applicationID:void 0,xpid:void 0},j={};var k=r(5284);const I=e=>{const t=e.startsWith("http");e+="/",r.p=t?e:"https://"+e};let O=!1;function P(e,t={},r,n){let{init:a,info:c,loader_config:u,runtime:l={},exposed:f=!0}=t;l.loaderType=r;const p=(0,g.pV)();c||(a=p.init,c=p.info,u=p.loader_config),(0,N.xN)(e.agentIdentifier,a||{}),function(e,t){if(!e)throw new Error("All loader-config objects require an agent identifier!");j[e]=(0,T.a)(t,S);const r=(0,g.nY)(e);r&&(r.loader_config=j[e])}(e.agentIdentifier,u||{}),c.jsAttributes??={},d.bv&&(c.jsAttributes.isWorker=!0),(0,i.x1)(e.agentIdentifier,c);const h=(0,N.D0)(e.agentIdentifier),v=[c.beacon,c.errorBeacon];O||(h.proxy.assets&&(I(h.proxy.assets),v.push(h.proxy.assets)),h.proxy.beacon&&v.push(h.proxy.beacon),E(),(0,g.US)("activatedFeatures",k.B),e.runSoftNavOverSpa&&=!0===h.soft_navigations.enabled&&h.feature_flags.includes("soft_nav")),l.denyList=[...h.ajax.deny_list||[],...h.ajax.block_internal?v:[]],l.ptid=e.agentIdentifier,(0,o.V)(e.agentIdentifier,l),e.ee=s.ee.get(e.agentIdentifier),void 0===e.api&&(e.api=_(e.agentIdentifier,n,e.runSoftNavOverSpa)),void 0===e.exposed&&(e.exposed=f),O=!0}},8374:(e,t,r)=>{r.nc=(()=>{try{return document?.currentScript?.nonce}catch(e){}return""})()},860:(e,t,r)=>{"use strict";r.d(t,{$J:()=>o,K7:()=>n,P3:()=>i});const n={ajax:"ajax",genericEvents:"generic_events",jserrors:"jserrors",logging:"logging",metrics:"metrics",pageAction:"page_action",pageViewEvent:"page_view_event",pageViewTiming:"page_view_timing",sessionReplay:"session_replay",sessionTrace:"session_trace",softNav:"soft_navigations",spa:"spa"},i={[n.pageViewEvent]:1,[n.pageViewTiming]:2,[n.metrics]:3,[n.jserrors]:4,[n.spa]:5,[n.ajax]:6,[n.sessionTrace]:7,[n.softNav]:8,[n.sessionReplay]:9,[n.logging]:10,[n.genericEvents]:11},o={[n.pageViewTiming]:"events",[n.ajax]:"events",[n.spa]:"events",[n.softNav]:"events",[n.metrics]:"jserrors",[n.jserrors]:"jserrors",[n.sessionTrace]:"browser/blobs",[n.sessionReplay]:"browser/blobs",[n.logging]:"browser/logs",[n.genericEvents]:"ins"}}},n={};function i(e){var t=n[e];if(void 0!==t)return t.exports;var o=n[e]={exports:{}};return r[e](o,o.exports,i),o.exports}i.m=r,i.d=(e,t)=>{for(var r in t)i.o(t,r)&&!i.o(e,r)&&Object.defineProperty(e,r,{enumerable:!0,get:t[r]})},i.f={},i.e=e=>Promise.all(Object.keys(i.f).reduce(((t,r)=>(i.f[r](e,t),t)),[])),i.u=e=>"nr-rum-1.274.0.min.js",i.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),e={},t="NRBA-1.274.0.PROD:",i.l=(r,n,o,a)=>{if(e[r])e[r].push(n);else{var s,c;if(void 0!==o)for(var u=document.getElementsByTagName("script"),d=0;d<u.length;d++){var l=u[d];if(l.getAttribute("src")==r||l.getAttribute("data-webpack")==t+o){s=l;break}}if(!s){c=!0;var f={296:"sha512-gkYkZDAwQ9PwaDXs2YM+rNIdRej1Ac1mupWobRJ8eahQcXz6/sunGZCKklrzi5kWxhOGRZr2tn0rEKuLTXzfAA=="};(s=document.createElement("script")).charset="utf-8",s.timeout=120,i.nc&&s.setAttribute("nonce",i.nc),s.setAttribute("data-webpack",t+o),s.src=r,0!==s.src.indexOf(window.location.origin+"/")&&(s.crossOrigin="anonymous"),f[a]&&(s.integrity=f[a])}e[r]=[n];var g=(t,n)=>{s.onerror=s.onload=null,clearTimeout(p);var i=e[r];if(delete e[r],s.parentNode&&s.parentNode.removeChild(s),i&&i.forEach((e=>e(n))),t)return t(n)},p=setTimeout(g.bind(null,void 0,{type:"timeout",target:s}),12e4);s.onerror=g.bind(null,s.onerror),s.onload=g.bind(null,s.onload),c&&document.head.appendChild(s)}},i.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},i.p="https://js-agent.newrelic.com/",(()=>{var e={840:0,374:0};i.f.j=(t,r)=>{var n=i.o(e,t)?e[t]:void 0;if(0!==n)if(n)r.push(n[2]);else{var o=new Promise(((r,i)=>n=e[t]=[r,i]));r.push(n[2]=o);var a=i.p+i.u(t),s=new Error;i.l(a,(r=>{if(i.o(e,t)&&(0!==(n=e[t])&&(e[t]=void 0),n)){var o=r&&("load"===r.type?"missing":r.type),a=r&&r.target&&r.target.src;s.message="Loading chunk "+t+" failed.\n("+o+": "+a+")",s.name="ChunkLoadError",s.type=o,s.request=a,n[1](s)}}),"chunk-"+t,t)}};var t=(t,r)=>{var n,o,[a,s,c]=r,u=0;if(a.some((t=>0!==e[t]))){for(n in s)i.o(s,n)&&(i.m[n]=s[n]);if(c)c(i)}for(t&&t(r);u<a.length;u++)o=a[u],i.o(e,o)&&e[o]&&e[o][0](),e[o]=0},r=self["webpackChunk:NRBA-1.274.0.PROD"]=self["webpackChunk:NRBA-1.274.0.PROD"]||[];r.forEach(t.bind(null,0)),r.push=t.bind(null,r.push.bind(r))})(),(()=>{"use strict";i(8374);var e=i(944),t=i(6344),r=i(9566);class n{agentIdentifier;constructor(e=(0,r.LA)(16)){this.agentIdentifier=e}#e(t,...r){if("function"==typeof this.api?.[t])return this.api[t](...r);(0,e.R)(35,t)}addPageAction(e,t){return this.#e("addPageAction",e,t)}setPageViewName(e,t){return this.#e("setPageViewName",e,t)}setCustomAttribute(e,t,r){return this.#e("setCustomAttribute",e,t,r)}noticeError(e,t){return this.#e("noticeError",e,t)}setUserId(e){return this.#e("setUserId",e)}setApplicationVersion(e){return this.#e("setApplicationVersion",e)}setErrorHandler(e){return this.#e("setErrorHandler",e)}addRelease(e,t){return this.#e("addRelease",e,t)}log(e,t){return this.#e("log",e,t)}}class o extends n{#e(t,...r){if("function"==typeof this.api?.[t])return this.api[t](...r);(0,e.R)(35,t)}start(){return this.#e("start")}finished(e){return this.#e("finished",e)}recordReplay(){return this.#e(t.G4.RECORD)}pauseReplay(){return this.#e(t.G4.PAUSE)}addToTrace(e){return this.#e("addToTrace",e)}setCurrentRouteName(e){return this.#e("setCurrentRouteName",e)}interaction(){return this.#e("interaction")}wrapLogger(e,t,r){return this.#e("wrapLogger",e,t,r)}}var a=i(860),s=i(9417);const c=Object.values(a.K7);function u(e){const t={};return c.forEach((r=>{t[r]=function(e,t){return!0===(0,s.gD)(t,"".concat(e,".enabled"))}(r,e)})),t}var d=i(7603);var l=i(1687),f=i(4234),g=i(5289),p=i(6154),h=i(384);const v=e=>p.RI&&!0===(0,s.gD)(e,"privacy.cookies_enabled");function m(e){return!!(0,h.dV)().o.MO&&v(e)&&!0===(0,s.gD)(e,"session_trace.enabled")}var b=i(6389);class y extends f.W{constructor(e,t,r=!0){super(e.agentIdentifier,t),this.auto=r,this.abortHandler=void 0,this.featAggregate=void 0,this.onAggregateImported=void 0,!1===e.init[this.featureName].autoStart&&(this.auto=!1),this.auto?(0,l.Ak)(e.agentIdentifier,t):this.ee.on("manual-start-all",(0,b.J)((()=>{(0,l.Ak)(e.agentIdentifier,this.featureName),this.auto=!0,this.importAggregator(e)})))}importAggregator(t,r={}){if(this.featAggregate||!this.auto)return;let n;this.onAggregateImported=new Promise((e=>{n=e}));const o=async()=>{let o;try{if(v(this.agentIdentifier)){const{setupAgentSession:e}=await i.e(296).then(i.bind(i,3861));o=e(t)}}catch(t){(0,e.R)(20,t),this.ee.emit("internal-error",[t]),this.featureName===a.K7.sessionReplay&&this.abortHandler?.()}try{if(t.sharedAggregator)await t.sharedAggregator;else{t.sharedAggregator=i.e(296).then(i.bind(i,9337));const{EventAggregator:e}=await t.sharedAggregator;t.sharedAggregator=new e}if(!this.#t(this.featureName,o))return(0,l.Ze)(this.agentIdentifier,this.featureName),void n(!1);const{lazyFeatureLoader:e}=await i.e(296).then(i.bind(i,6103)),{Aggregate:a}=await e(this.featureName,"aggregate");this.featAggregate=new a(t,r),n(!0)}catch(t){(0,e.R)(34,t),this.abortHandler?.(),(0,l.Ze)(this.agentIdentifier,this.featureName,!0),n(!1),this.ee&&this.ee.abort()}};p.RI?(0,g.GG)((()=>o()),!0):o()}#t(e,t){switch(e){case a.K7.sessionReplay:return m(this.agentIdentifier)&&!!t;case a.K7.sessionTrace:return!!t;default:return!0}}}var w=i(6630);class A extends y{static featureName=w.T;constructor(e,t=!0){super(e,w.T,t),this.importAggregator(e)}}var R=i(9908),E=i(2843),x=i(3878),_=i(782),N=i(1863);class T extends y{static featureName=_.T;constructor(e,t=!0){super(e,_.T,t),p.RI&&((0,E.u)((()=>(0,R.p)("docHidden",[(0,N.t)()],void 0,_.T,this.ee)),!0),(0,x.sp)("pagehide",(()=>(0,R.p)("winPagehide",[(0,N.t)()],void 0,_.T,this.ee))),this.importAggregator(e))}}var S=i(3969);class j extends y{static featureName=S.TZ;constructor(e,t=!0){super(e,S.TZ,t),this.importAggregator(e)}}new class extends o{constructor(t,r){super(r),p.gm?(this.features={},(0,h.bQ)(this.agentIdentifier,this),this.desiredFeatures=new Set(t.features||[]),this.desiredFeatures.add(A),this.runSoftNavOverSpa=[...this.desiredFeatures].some((e=>e.featureName===a.K7.softNav)),(0,d.j)(this,t,t.loaderType||"agent"),this.run()):(0,e.R)(21)}get config(){return{info:this.info,init:this.init,loader_config:this.loader_config,runtime:this.runtime}}run(){try{const t=u(this.agentIdentifier),r=[...this.desiredFeatures];r.sort(((e,t)=>a.P3[e.featureName]-a.P3[t.featureName])),r.forEach((r=>{if(!t[r.featureName]&&r.featureName!==a.K7.pageViewEvent)return;if(this.runSoftNavOverSpa&&r.featureName===a.K7.spa)return;if(!this.runSoftNavOverSpa&&r.featureName===a.K7.softNav)return;const n=function(e){switch(e){case a.K7.ajax:return[a.K7.jserrors];case a.K7.sessionTrace:return[a.K7.ajax,a.K7.pageViewEvent];case a.K7.sessionReplay:return[a.K7.sessionTrace];case a.K7.pageViewTiming:return[a.K7.pageViewEvent];default:return[]}}(r.featureName).filter((e=>!(e in this.features)));n.length>0&&(0,e.R)(36,{targetFeature:r.featureName,missingDependencies:n}),this.features[r.featureName]=new r(this)}))}catch(t){(0,e.R)(22,t);for(const e in this.features)this.features[e].abortHandler?.();const r=(0,h.Zm)();delete r.initializedAgents[this.agentIdentifier]?.api,delete r.initializedAgents[this.agentIdentifier]?.features,delete this.sharedAggregator;return r.ee.get(this.agentIdentifier).abort(),!1}}}({features:[A,T,j],loaderType:"lite"})})()})();</script><link data-next-font="size-adjust" rel="preconnect" href="/" crossorigin="anonymous"/><link nonce="nonce-OGI3MzYzNGUtMWU3My00MDhkLWE5NDktNjNhYWQ2MzY1MDJj" rel="preload" href="/_next/static/css/ffa80ed36c27c549.css" as="style"/><link nonce="nonce-OGI3MzYzNGUtMWU3My00MDhkLWE5NDktNjNhYWQ2MzY1MDJj" rel="stylesheet" href="/_next/static/css/ffa80ed36c27c549.css" data-n-g=""/><noscript data-n-css="nonce-OGI3MzYzNGUtMWU3My00MDhkLWE5NDktNjNhYWQ2MzY1MDJj"></noscript><script defer="" nonce="nonce-OGI3MzYzNGUtMWU3My00MDhkLWE5NDktNjNhYWQ2MzY1MDJj" nomodule="" src="/_next/static/chunks/polyfills-78c92fac7aa8fdd8.js"></script><script src="/_next/static/chunks/webpack-a707e99c69361791.js" nonce="nonce-OGI3MzYzNGUtMWU3My00MDhkLWE5NDktNjNhYWQ2MzY1MDJj" defer=""></script><script src="/_next/static/chunks/framework-b0ec748c7a4c483a.js" nonce="nonce-OGI3MzYzNGUtMWU3My00MDhkLWE5NDktNjNhYWQ2MzY1MDJj" defer=""></script><script src="/_next/static/chunks/main-dbb03be72fb978ea.js" nonce="nonce-OGI3MzYzNGUtMWU3My00MDhkLWE5NDktNjNhYWQ2MzY1MDJj" defer=""></script><script src="/_next/static/chunks/pages/_app-9014959bd1a0f7dd.js" nonce="nonce-OGI3MzYzNGUtMWU3My00MDhkLWE5NDktNjNhYWQ2MzY1MDJj" defer=""></script><script src="/_next/static/chunks/9177-dfdc6421d8bd40ea.js" nonce="nonce-OGI3MzYzNGUtMWU3My00MDhkLWE5NDktNjNhYWQ2MzY1MDJj" defer=""></script><script src="/_next/static/chunks/pages/plugins/updated-c0fef259be0abc6b.js" nonce="nonce-OGI3MzYzNGUtMWU3My00MDhkLWE5NDktNjNhYWQ2MzY1MDJj" defer=""></script><script src="/_next/static/fGlHUlsrtZ1JnQfd6DHsd/_buildManifest.js" nonce="nonce-OGI3MzYzNGUtMWU3My00MDhkLWE5NDktNjNhYWQ2MzY1MDJj" defer=""></script><script src="/_next/static/fGlHUlsrtZ1JnQfd6DHsd/_ssgManifest.js" nonce="nonce-OGI3MzYzNGUtMWU3My00MDhkLWE5NDktNjNhYWQ2MzY1MDJj" defer=""></script></head><body data-base-url="https://www.tenable.com" data-ga4-tracking-id=""><div id="__next"><div class="app__wrapper"><header class="banner"><div class="nav-wrapper"><ul class="list-inline nav-brand"><li class="list-inline-item"><a href="https://www.tenable.com"><img class="logo" src="https://www.tenable.com/themes/custom/tenable/img/logo.png" alt="Tenable"/></a></li><li class="list-inline-item"><a class="app-name" href="https://www.tenable.com/plugins">Plugins</a></li></ul><ul class="nav-dropdown nav"><li class="d-none d-md-block dropdown nav-item"><a aria-haspopup="true" href="#" class="dropdown-toggle nav-link" aria-expanded="false">Settings</a><div tabindex="-1" role="menu" aria-hidden="true" class="dropdown-menu dropdown-menu-right"><h6 tabindex="-1" class="dropdown-header">Links</h6><a href="https://cloud.tenable.com" role="menuitem" class="dropdown-item">Tenable Cloud <i class="fas fa-external-link-alt external-link"></i></a><a href="https://community.tenable.com/login" role="menuitem" class="dropdown-item">Tenable Community & Support <i class="fas fa-external-link-alt external-link"></i></a><a href="https://university.tenable.com/lms/index.php?r=site/sso&sso_type=saml" role="menuitem" class="dropdown-item">Tenable University <i class="fas fa-external-link-alt external-link"></i></a><div tabindex="-1" class="dropdown-divider"></div><span tabindex="-1" class="dropdown-item-text"><div class="d-flex justify-content-between toggle-btn-group flex-column"><div class="label mb-2">Severity <i class="fas fa-info-circle" id="preferredSeverity"></i></div><div role="group" class="btn-group-sm btn-group"><button type="button" class="toggle-btn btn btn-outline-primary">VPR</button><button type="button" class="toggle-btn btn btn-outline-primary">CVSS v2</button><button type="button" class="toggle-btn btn btn-outline-primary">CVSS v3</button><button type="button" class="toggle-btn btn btn-outline-primary active">CVSS v4</button></div></div></span><div tabindex="-1" class="dropdown-divider"></div><span tabindex="-1" class="dropdown-item-text"><div class="d-flex justify-content-between toggle-btn-group flex-row"><div class="label">Theme</div><div role="group" class="ml-3 btn-group-sm btn-group"><button type="button" class="toggle-btn btn btn-outline-primary active">Light</button><button type="button" class="toggle-btn btn btn-outline-primary">Dark</button><button type="button" class="toggle-btn btn btn-outline-primary">Auto</button></div></div></span><div tabindex="-1" class="dropdown-divider"></div><button type="button" tabindex="0" role="menuitem" class="dropdown-item-link dropdown-item">Help</button></div></li></ul><div class="d-block d-md-none"><button type="button" aria-label="Toggle Overlay" class="btn btn-link nav-toggle"><i class="fas fa-bars fa-2x"></i></button></div></div></header><div class="mobile-nav closed"><ul class="flex-column nav"><li class="mobile-header nav-item"><a href="https://www.tenable.com" class="float-left nav-link"><img class="logo" src="https://www.tenable.com/themes/custom/tenable/img/logo-teal.png" alt="Tenable"/></a><a class="float-right mr-2 nav-link"><i class="fas fa-times fa-lg"></i></a></li><li class="nav-item"><a class="nav-link">Plugins<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/pipeline">Plugins Pipeline</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/newest">Newest</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/updated">Updated</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/search">Search</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/nessus/families?type=nessus">Nessus Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/was/families?type=was">WAS Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/nnm/families?type=nnm">NNM Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/lce/families?type=lce">LCE Families</a></li><li class="no-capitalize nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/ot/families?type=ot">Tenable OT Security Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/families/about">About Plugin Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/release-notes">Release Notes</a></li></div></div><li class="nav-item"><a class="nav-link">Audits<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/newest">Newest</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/updated">Updated</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/search">Search Audit Files</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/items/search">Search Items</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/references">References</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/authorities">Authorities</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/documentation">Documentation</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/downloads/download-all-compliance-audit-files">Download All Audit Files</a></li></div></div><li class="nav-item"><a class="nav-link">Indicators<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/indicators">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/indicators/search">Search</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/indicators/ioa">Indicators of Attack</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/indicators/ioe">Indicators of Exposure</a></li></div></div><li class="nav-item"><a class="nav-link">CVEs<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/cve">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/cve/newest">Newest</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/cve/updated">Updated</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/cve/search">Search</a></li></div></div><li class="nav-item"><a class="nav-link">Attack Path Techniques<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/attack-path-techniques">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/attack-path-techniques/search">Search</a></li></div></div><ul id="links-nav" class="flex-column mt-5 nav"><li class="nav-item"><a class="nav-link">Links<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a href="https://cloud.tenable.com" class="nav-link">Tenable Cloud</a></li><li class="nav-item"><a href="https://community.tenable.com/login" class="nav-link">Tenable Community & Support</a></li><li class="nav-item"><a href="https://university.tenable.com/lms/index.php?r=site/sso&sso_type=saml" class="nav-link">Tenable University</a></li></div></div><li class="nav-item"><a class="nav-link">Settings<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse py-3"><li class="nav-item"><div class="d-flex justify-content-between toggle-btn-group flex-column"><div class="label mb-2">Severity</div><div role="group" class="btn-group-sm btn-group"><button type="button" class="toggle-btn btn btn-outline-primary">VPR</button><button type="button" class="toggle-btn btn btn-outline-primary">CVSS v2</button><button type="button" class="toggle-btn btn btn-outline-primary">CVSS v3</button><button type="button" class="toggle-btn btn btn-outline-primary active">CVSS v4</button></div></div></li><li class="nav-item"><div class="d-flex justify-content-between toggle-btn-group flex-row"><div class="label">Theme</div><div role="group" class="ml-3 btn-group-sm btn-group"><button type="button" class="toggle-btn btn btn-outline-primary active">Light</button><button type="button" class="toggle-btn btn btn-outline-primary">Dark</button><button type="button" class="toggle-btn btn btn-outline-primary">Auto</button></div></div></li></div></div></ul></ul></div><div class="app__container"><div class="app__content"><div class="card callout callout-alert callout-bg-danger mb-4"><div class="card-body"><h5 class="mb-2 text-white">Your browser is no longer supported</h5><p class="text-white">Please update or use another browser for this application to function correctly.</p></div></div><div class="row"><div class="col-3 col-xl-2 d-none d-md-block"><h6 class="side-nav-heading">Detections</h6><ul class="side-nav bg-white sticky-top nav flex-column"><li class="nav-item"><a type="button" class="nav-link">Plugins<i class="float-right mt-1 fas fa-chevron-down"></i></a></li><div class="side-nav-collapse collapse show"><li class="false nav-item"><a href="/plugins" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/plugins/pipeline" class="nav-link"><span>Plugins Pipeline</span></a></li><li class="false nav-item"><a href="/plugins/release-notes" class="nav-link"><span>Release Notes</span></a></li><li class="false nav-item"><a href="/plugins/newest" class="nav-link"><span>Newest</span></a></li><li class="active nav-item"><a href="/plugins/updated" class="nav-link"><span>Updated</span></a></li><li class="false nav-item"><a href="/plugins/search" class="nav-link"><span>Search</span></a></li><li class="false nav-item"><a href="/plugins/nessus/families" class="nav-link"><span>Nessus Families</span></a></li><li class="false nav-item"><a href="/plugins/was/families" class="nav-link"><span>WAS Families</span></a></li><li class="false nav-item"><a href="/plugins/nnm/families" class="nav-link"><span>NNM Families</span></a></li><li class="false nav-item"><a href="/plugins/lce/families" class="nav-link"><span>LCE Families</span></a></li><li class="false nav-item"><a href="/plugins/ot/families" class="nav-link"><span>Tenable OT Security Families</span></a></li><li class="false nav-item"><a href="/plugins/families/about" class="nav-link"><span>About Plugin Families</span></a></li></div><li class="nav-item"><a type="button" class="nav-link">Audits<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="side-nav-collapse collapse"><li class="false nav-item"><a href="/audits" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/audits/newest" class="nav-link"><span>Newest</span></a></li><li class="false nav-item"><a href="/audits/updated" class="nav-link"><span>Updated</span></a></li><li class="false nav-item"><a href="/audits/search" class="nav-link"><span>Search Audit Files</span></a></li><li class="false nav-item"><a href="/audits/items/search" class="nav-link"><span>Search Items</span></a></li><li class="false nav-item"><a href="/audits/references" class="nav-link"><span>References</span></a></li><li class="false nav-item"><a href="/audits/authorities" class="nav-link"><span>Authorities</span></a></li><li class="false nav-item"><a href="/audits/documentation" class="nav-link"><span>Documentation</span></a></li><li class="nav-item"><a class="nav-link" href="https://www.tenable.com/downloads/download-all-compliance-audit-files">Download All Audit Files</a></li></div><li class="nav-item"><a type="button" class="nav-link">Indicators<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="side-nav-collapse collapse"><li class="false nav-item"><a href="/indicators" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/indicators/search" class="nav-link"><span>Search</span></a></li><li class="false nav-item"><a href="/indicators/ioa" class="nav-link"><span>Indicators of Attack</span></a></li><li class="false nav-item"><a href="/indicators/ioe" class="nav-link"><span>Indicators of Exposure</span></a></li></div></ul><h6 class="side-nav-heading">Analytics</h6><ul class="side-nav bg-white sticky-top nav flex-column"><li class="nav-item"><a type="button" class="nav-link">CVEs<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="side-nav-collapse collapse"><li class="false nav-item"><a href="/cve" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/cve/newest" class="nav-link"><span>Newest</span></a></li><li class="false nav-item"><a href="/cve/updated" class="nav-link"><span>Updated</span></a></li><li class="false nav-item"><a href="/cve/search" class="nav-link"><span>Search</span></a></li></div><li class="nav-item"><a type="button" class="nav-link">Attack Path Techniques<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="side-nav-collapse collapse"><li class="false nav-item"><a href="/attack-path-techniques" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/attack-path-techniques/search" class="nav-link"><span>Search</span></a></li></div></ul></div><div class="col-12 col-md-9 col-xl-10"><nav class="d-none d-md-block" aria-label="breadcrumb"><ol class="breadcrumb"><li class="breadcrumb-item"><a href="https://www.tenable.com/plugins">Plugins</a></li><li class="active breadcrumb-item" aria-current="page">Updated</li></ol></nav><nav class="d-md-none" aria-label="breadcrumb"><ol class="breadcrumb"><li class="breadcrumb-item"><a href="https://www.tenable.com/plugins"><i class="fas fa-chevron-left"></i> Plugins</a></li></ol></nav><h1 class="mb-3 h2">Recently Updated Plugins</h1><div class="card"><div class="p-3 card-body"><ul class="mb-3 nav nav-pills"><li class="nav-item"><a class="nav-link active" href="https://www.tenable.com/plugins/updated?">All</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/updated?type=nessus">Nessus</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/updated?type=was">Web App Scanning</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/updated?type=nnm">Nessus Network Monitor</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/updated?type=lce">Log Correlation Engine</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/updated?type=ot">Tenable OT Security</a></li></ul><nav class="" aria-label="pagination"><ul class="justify-content-between pagination pagination"><li class="page-item disabled"><a class="page-link page-previous" href="https://www.tenable.com/plugins/updated?type=&page=0">‹‹ Previous<span class="sr-only"> Previous</span></a></li><li class="page-item disabled"><a class="page-link page-text">Page 1 of 4058 <span class="d-none d-sm-inline">• 202855 Total</span></a></li><li class="page-item"><a class="page-link page-next" href="https://www.tenable.com/plugins/updated?type=&page=2"><span class="sr-only">Next</span>Next ››</a></li></ul></nav><div class="table-responsive"><table class="results-table table"><thead><tr><th>ID</th><th>Name</th><th>Product</th><th class="family-header">Family</th><th>Updated</th><th>Severity</th></tr></thead><tbody><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/501926">501926</a></td><td>Dell (CVE-2018-1249)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>11/24/2024</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/501192">501192</a></td><td>Eaton (CVE-2018-16158)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>11/24/2024</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/501191">501191</a></td><td>Eaton (CVE-2018-8847)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>11/24/2024</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/500873">500873</a></td><td>Schneider (CVE-2018-7792)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>11/24/2024</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/500858">500858</a></td><td>Schneider (CVE-2018-7790)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>11/24/2024</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/500839">500839</a></td><td>Siemens (CVE-2018-15473)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>11/24/2024</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/500213">500213</a></td><td>Rockwell (CVE-2017-16740)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>11/24/2024</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/500108">500108</a></td><td>Rockwell (CVE-2017-12093)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>11/24/2024</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/500093">500093</a></td><td>Rockwell (CVE-2017-12092)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>11/24/2024</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/500075">500075</a></td><td>Rockwell (CVE-2017-14468)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>11/24/2024</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/501532">501532</a></td><td>Moxa (CVE-2016-0877)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>11/23/2024</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/501466">501466</a></td><td>Moxa (CVE-2015-6466)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>11/23/2024</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/501441">501441</a></td><td>Moxa (CVE-2012-4712)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>11/23/2024</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/501034">501034</a></td><td>Siemens (CVE-2015-1049)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>11/23/2024</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/500134">500134</a></td><td>Rockwell (CVE-2015-6490)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>11/23/2024</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/500107">500107</a></td><td>Siemens (CVE-2017-9946)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>11/23/2024</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/500105">500105</a></td><td>Siemens (CVE-2017-9947)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>11/23/2024</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/99983">99983</a></td><td>Kaa IoT Administration Server Detection</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/CGI%20abuses">CGI abuses</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/99982">99982</a></td><td>Unitrends Backup Detection</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/Misc.">Misc.</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/99933">99933</a></td><td>Bitrix Product and Modules Detection</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/CGI%20abuses">CGI abuses</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/99929">99929</a></td><td>National Instruments LabVIEW Installed</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/Windows">Windows</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/99729">99729</a></td><td>H3C / HPE Intelligent Management Center accessMgrServlet Java Object Deserialization RCE</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/Misc.">Misc.</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/99477">99477</a></td><td>RTI Connext DDS Installed</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/Windows">Windows</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/99439">99439</a></td><td>SMB Server DOUBLEPULSAR Backdoor / Implant Detection (EternalRocks)</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/Windows">Windows</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/99311">99311</a></td><td>Mono Installed (macOS)</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/MacOS%20X%20Local%20Security%20Checks">MacOS X Local Security Checks</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/99280">99280</a></td><td>phpMyAdmin 4.0.x < 4.0.10.19 / 4.4.x < 4.4.15.10 / 4.6.x < 4.6.6 Multiple Vulnerabilities (PMASA-2017-1 - PMASA-2017-7)</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/CGI%20abuses">CGI abuses</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/99172">99172</a></td><td>Microsoft Azure Instance Metadata Enumeration (Windows)</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/Windows">Windows</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/99170">99170</a></td><td>Google Cloud Platform Compute Engine Instance Metadata Enumeration (Windows)</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/Windows">Windows</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/97999">97999</a></td><td>Intel Management Engine Authentication Bypass (INTEL-SA-00075) (remote check)</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/Web%20Servers">Web Servers</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/97997">97997</a></td><td>Intel Management Engine Insecure Read / Write Operations RCE (INTEL-SA-00075)</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/Windows">Windows</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/97895">97895</a></td><td>Kodi Media Player Detection</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/CGI%20abuses">CGI abuses</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/97860">97860</a></td><td>HPE Smart Storage Administrator Installed</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/Windows">Windows</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/97667">97667</a></td><td>Siemens SIMATIC Logon Detection</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/SCADA">SCADA</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/97579">97579</a></td><td>IBM Integration Bus Installed</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/Windows">Windows</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/97354">97354</a></td><td>PHP 7.1.x < 7.1.2 Multiple Vulnerabilities</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/CGI%20abuses">CGI abuses</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/97353">97353</a></td><td>PHP 7.0.x < 7.0.16 Multiple Vulnerabilities</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/CGI%20abuses">CGI abuses</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/97225">97225</a></td><td>Trend Micro Control Manager Detection (uncredentialed)</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/Misc.">Misc.</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/97020">97020</a></td><td>IBM DataPower Gateway Detection</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/Misc.">Misc.</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/96876">96876</a></td><td>Advantech WebAccess SQLi</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/SCADA">SCADA</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/96875">96875</a></td><td>Advantech WebAccess Authentication Bypass</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/SCADA">SCADA</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/96801">96801</a></td><td>PHP 7.1.x < 7.1.1 Multiple Vulnerabilities</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/CGI%20abuses">CGI abuses</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/96800">96800</a></td><td>PHP 7.0.x < 7.0.15 Multiple Vulnerabilities</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/CGI%20abuses">CGI abuses</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/96799">96799</a></td><td>PHP 5.6.x < 5.6.30 Multiple DoS</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/CGI%20abuses">CGI abuses</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/96607">96607</a></td><td>HP Operations Manager Installed (Linux)</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/Misc.">Misc.</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/96317">96317</a></td><td>CA Unified Infrastructure Management (UIM) Detection</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/Windows">Windows</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/96281">96281</a></td><td>Sophos XG Firewall Detection</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/Service%20detection">Service detection</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/96146">96146</a></td><td>IBM BigFix Remote Control Detection</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/CGI%20abuses">CGI abuses</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/95923">95923</a></td><td>EMC Avamar ADS / AVE Installed (credentialed check)</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/Misc.">Misc.</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/95922">95922</a></td><td>EMC Avamar ADS / AVE Server Detection</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/CGI%20abuses">CGI abuses</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-info">info</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/nessus/95875">95875</a></td><td>PHP 7.0.x < 7.0.14 Multiple Vulnerabilities</td><td>Nessus</td><td><a href="https://www.tenable.com/plugins/nessus/families/CGI%20abuses">CGI abuses</a></td><td>11/22/2024</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr></tbody></table></div><nav class="" aria-label="pagination"><ul class="justify-content-between pagination pagination"><li class="page-item disabled"><a class="page-link page-previous" href="https://www.tenable.com/plugins/updated?type=&page=0">‹‹ Previous<span class="sr-only"> Previous</span></a></li><li class="page-item disabled"><a class="page-link page-text">Page 1 of 4058 <span class="d-none d-sm-inline">• 202855 Total</span></a></li><li class="page-item"><a class="page-link page-next" href="https://www.tenable.com/plugins/updated?type=&page=2"><span class="sr-only">Next</span>Next ››</a></li></ul></nav></div></div></div></div></div></div><footer class="footer"><div class="container"><ul class="footer-nav"><li class="footer-nav-item"><a href="https://www.tenable.com/">Tenable.com</a></li><li class="footer-nav-item"><a href="https://community.tenable.com">Community & Support</a></li><li class="footer-nav-item"><a href="https://docs.tenable.com">Documentation</a></li><li class="footer-nav-item"><a href="https://university.tenable.com">Education</a></li></ul><ul class="footer-nav footer-nav-secondary"><li class="footer-nav-item">© 2024 Tenable®, Inc. All Rights Reserved</li><li class="footer-nav-item"><a href="https://www.tenable.com/privacy-policy">Privacy Policy</a></li><li class="footer-nav-item"><a href="https://www.tenable.com/legal">Legal</a></li><li class="footer-nav-item"><a href="https://www.tenable.com/section-508-voluntary-product-accessibility">508 Compliance</a></li></ul></div></footer><div class="Toastify"></div></div></div><script id="__NEXT_DATA__" type="application/json" nonce="nonce-OGI3MzYzNGUtMWU3My00MDhkLWE5NDktNjNhYWQ2MzY1MDJj">{"props":{"pageProps":{"plugins":[{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"501926","_score":null,"_source":{"plugin_modification_date":"2024-11-24T00:00:00","references":[{"id_type":"cve","id":"CVE-2018-1249","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1249"}],"description":"Dell EMC iDRAC9 versions prior to 3.21.21.21 did not enforce the use of TLS/SSL for a connection to iDRAC web server for certain URLs. A man-in-the-middle attacker could use this vulnerability to strip the SSL/TLS protection from a connection between a client and a server.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"501926","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Dell (CVE-2018-1249)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2024-01-17T00:00:00","cvss":{"cvssv3_score":5.9,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N","cvssv3_temporal_score":null,"rating":null,"cvssv2_vector_base":"AV:N/AC:M/Au:N/C:P/I:N/A:N","cvssv3_vector_base":"AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.3,"cvssv3_temporal_vector_base":null,"cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"Tenable.ot","xrefs":{},"pluginPublicationDate":"1/17/2024","pluginModificationDate":"11/24/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1732406400000,"501926"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"501192","_score":null,"_source":{"plugin_modification_date":"2024-11-24T00:00:00","references":[{"id_type":"CWE","id":"798","type":"classifiers","url":null},{"id_type":"cve","id":"CVE-2018-16158","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16158"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?52280b1d"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?807d2336"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.ctrlu.net/vuln/0006.html"}],"description":"Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins (to uid 0) via the PubkeyAuthentication option.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Critical","script_id":"501192","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Eaton (CVE-2018-16158)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2023-06-20T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":null,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":null,"cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Tenable.ot","xrefs":{"CWE":["798"]},"pluginPublicationDate":"6/20/2023","pluginModificationDate":"11/24/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Critical"},"sort":[1732406400000,"501192"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"501191","_score":null,"_source":{"plugin_modification_date":"2024-11-24T00:00:00","references":[{"id_type":"CWE","id":"121","type":"classifiers","url":null},{"id_type":"CWE","id":"787","type":"classifiers","url":null},{"id_type":"ICSA","id":"18-193-01","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2018-8847","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8847"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?f1ee8617"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.securityfocus.com/bid/104736"},{"id_type":null,"id":null,"type":"unknown","url":"https://ics-cert.us-cert.gov/advisories/ICSA-18-193-01"}],"description":"Eaton 9000X DriveA versions 2.0.29 and prior has a stack-based buffer overflow vulnerability, which may allow remote code execution.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"High","script_id":"501191","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Eaton (CVE-2018-8847)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2023-06-20T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_temporal_score":null,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.5,"cvssv3_temporal_vector_base":null,"cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"7.4","script_family":"Tenable.ot","xrefs":{"CWE":["121","787"],"ICSA":["18-193-01"]},"pluginPublicationDate":"6/20/2023","pluginModificationDate":"11/24/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"High","severity":"High"},"sort":[1732406400000,"501191"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"500873","_score":null,"_source":{"plugin_modification_date":"2024-11-24T00:00:00","references":[{"id_type":"CWE","id":"862","type":"classifiers","url":null},{"id_type":"ICSA","id":"18-240-01","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2018-7792","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7792"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?07a6233e"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.securityfocus.com/bid/105182"}],"description":"A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to decode the password using rainbow table.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"500873","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Schneider (CVE-2018-7792)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2023-03-01T00:00:00","cvss":{"cvssv3_score":7.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N","cvssv3_temporal_score":null,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:N/A:N","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":5,"cvssv3_temporal_vector_base":null,"cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"Tenable.ot","xrefs":{"CWE":["862"],"ICSA":["18-240-01"]},"pluginPublicationDate":"3/1/2023","pluginModificationDate":"11/24/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1732406400000,"500873"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"500858","_score":null,"_source":{"plugin_modification_date":"2024-11-24T00:00:00","references":[{"id_type":"CWE","id":"294","type":"classifiers","url":null},{"id_type":"ICSA","id":"18-240-01","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2018-7790","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7790"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?07a6233e"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.securityfocus.com/bid/105182"}],"description":"An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"High","script_id":"500858","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Schneider (CVE-2018-7790)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2023-03-01T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_temporal_score":null,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.5,"cvssv3_temporal_vector_base":null,"cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"Tenable.ot","xrefs":{"CWE":["294"],"ICSA":["18-240-01"]},"pluginPublicationDate":"3/1/2023","pluginModificationDate":"11/24/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1732406400000,"500858"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"500839","_score":null,"_source":{"plugin_modification_date":"2024-11-24T00:00:00","references":[{"id_type":"CWE","id":"362","type":"classifiers","url":null},{"id_type":"DSA","id":"DSA-4280","type":"advisory","url":null},{"id_type":"GLSA","id":"GLSA-201810-03","type":"advisory","url":null},{"id_type":"ICSA","id":"22-349-21","type":"advisory","url":null},{"id_type":"RHSA","id":"RHSA-2019:0711","type":"advisory","url":null},{"id_type":"RHSA","id":"RHSA-2019:2143","type":"advisory","url":null},{"id_type":"USN","id":"USN-3809-1","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2018-15473","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15473"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?d1488d7c"},{"id_type":null,"id":null,"type":"unknown","url":"https://bugs.debian.org/906236"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.openwall.com/lists/oss-security/2018/08/15/5"},{"id_type":null,"id":null,"type":"unknown","url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00022.html"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.exploit-db.com/exploits/45233/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.exploit-db.com/exploits/45210/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.debian.org/security/2018/dsa-4280"},{"id_type":null,"id":null,"type":"unknown","url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0011"},{"id_type":null,"id":null,"type":"unknown","url":"https://security.gentoo.org/glsa/201810-03"},{"id_type":null,"id":null,"type":"unknown","url":"https://security.netapp.com/advisory/ntap-20181101-0001/"},{"id_type":null,"id":null,"type":"unknown","url":"https://usn.ubuntu.com/3809-1/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.exploit-db.com/exploits/45939/"},{"id_type":null,"id":null,"type":"unknown","url":"https://access.redhat.com/errata/RHSA-2019:0711"},{"id_type":null,"id":null,"type":"unknown","url":"https://access.redhat.com/errata/RHSA-2019:2143"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.oracle.com/security-alerts/cpujan2020.html"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"}],"description":"OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"500839","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens (CVE-2018-15473)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2023-02-23T00:00:00","cvss":{"cvssv3_score":5.3,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N","cvssv3_temporal_score":null,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:N/A:N","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":5,"cvssv3_temporal_vector_base":null,"cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"4.9","script_family":"Tenable.ot","xrefs":{"CWE":["362"],"DSA":["DSA-4280"],"GLSA":["GLSA-201810-03"],"ICSA":["22-349-21"],"RHSA":["RHSA-2019:0711","RHSA-2019:2143"],"USN":["USN-3809-1"]},"pluginPublicationDate":"2/23/2023","pluginModificationDate":"11/24/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1732406400000,"500839"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"500213","_score":null,"_source":{"plugin_modification_date":"2024-11-24T00:00:00","references":[{"id_type":"CWE","id":"119","type":"classifiers","url":null},{"id_type":"CWE","id":"120","type":"classifiers","url":null},{"id_type":"ICSA","id":"18-009-01","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2017-16740","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16740"},{"id_type":null,"id":null,"type":"unknown","url":"https://ics-cert.us-cert.gov/advisories/ICSA-18-009-01"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.securityfocus.com/bid/102474"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?57d56e7e"}],"description":"A Buffer Overflow issue was discovered in Rockwell Automation Allen- Bradley MicroLogix 1400 Controllers, Series B and C Versions 21.002 and earlier. The stack-based buffer overflow vulnerability has been identified, which may allow remote code execution.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"High","script_id":"500213","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Rockwell (CVE-2017-16740)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2022-02-07T00:00:00","cvss":{"cvssv3_score":10,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_temporal_score":null,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.5,"cvssv3_temporal_vector_base":null,"cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"6.5","script_family":"Tenable.ot","xrefs":{"CWE":["119","120"],"ICSA":["18-009-01"]},"pluginPublicationDate":"2/7/2022","pluginModificationDate":"11/24/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1732406400000,"500213"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"500108","_score":null,"_source":{"plugin_modification_date":"2024-11-24T00:00:00","references":[{"id_type":"CWE","id":"400","type":"classifiers","url":null},{"id_type":"ICSA","id":"18-095-01","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2017-12093","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12093"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?c194dbab"}],"description":"An exploitable insufficient resource pool vulnerability exists in the session communication functionality of Allen Bradley Micrologix 1400 Series B Firmware 21.2 and before. A specially crafted stream of packets can cause a flood of the session resource pool resulting in legitimate connections to the PLC being disconnected. An attacker can send unauthenticated packets to trigger this vulnerability.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"500108","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Rockwell (CVE-2017-12093)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2022-02-07T00:00:00","cvss":{"cvssv3_score":5.3,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P","cvssv3_temporal_score":null,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":5,"cvssv3_temporal_vector_base":null,"cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"2.2","script_family":"Tenable.ot","xrefs":{"CWE":["400"],"ICSA":["18-095-01"]},"pluginPublicationDate":"2/7/2022","pluginModificationDate":"11/24/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1732406400000,"500108"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"500093","_score":null,"_source":{"plugin_modification_date":"2024-11-24T00:00:00","references":[{"id_type":"CWE","id":"200","type":"classifiers","url":null},{"id_type":"ICSA","id":"18-095-01","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2017-12092","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12092"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?a26b3f7c"}],"description":"An exploitable file write vulnerability exists in the memory module functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a file write resulting in a new program being written to the memory module. An attacker can send an unauthenticated packet to trigger this vulnerability.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"500093","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Rockwell (CVE-2017-12092)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2022-02-07T00:00:00","cvss":{"cvssv3_score":7.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N","cvssv3_temporal_score":null,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:P/A:N","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":5,"cvssv3_temporal_vector_base":null,"cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"4.4","script_family":"Tenable.ot","xrefs":{"CWE":["200"],"ICSA":["18-095-01"]},"pluginPublicationDate":"2/7/2022","pluginModificationDate":"11/24/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1732406400000,"500093"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"500075","_score":null,"_source":{"plugin_modification_date":"2024-11-24T00:00:00","references":[{"id_type":"cve","id":"CVE-2017-14468","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14468"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?c8699acc"}],"description":"An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information, modification of settings, or modification of ladder logic. An attacker can send unauthenticated packets to trigger this vulnerability. Required Keyswitch State: REMOTE or PROG Description: This ability is leveraged in a larger exploit to flash custom firmware.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"High","script_id":"500075","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Rockwell (CVE-2017-14468)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2022-02-07T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_temporal_score":null,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.5,"cvssv3_temporal_vector_base":null,"cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Tenable.ot","xrefs":{},"pluginPublicationDate":"2/7/2022","pluginModificationDate":"11/24/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1732406400000,"500075"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"501532","_score":null,"_source":{"plugin_modification_date":"2024-11-23T00:00:00","references":[{"id_type":"CWE","id":"772","type":"classifiers","url":null},{"id_type":"ICSA","id":"16-042-01","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2016-0877","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0877"},{"id_type":null,"id":null,"type":"unknown","url":"https://ics-cert.us-cert.gov/advisories/ICSA-16-042-01"}],"description":"Memory leak on Moxa Secure Router EDR-G903 devices before 3.4.12 allows remote attackers to cause a denial of service (memory consumption) by executing the ping function.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"High","script_id":"501532","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Moxa (CVE-2016-0877)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2023-08-02T00:00:00","cvss":{"cvssv3_score":7.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C","cvssv3_temporal_score":null,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:N/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.8,"cvssv3_temporal_vector_base":null,"cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"Tenable.ot","xrefs":{"CWE":["772"],"ICSA":["16-042-01"]},"pluginPublicationDate":"8/2/2023","pluginModificationDate":"11/23/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Low","severity":"High"},"sort":[1732320000000,"501532"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"501466","_score":null,"_source":{"plugin_modification_date":"2024-11-23T00:00:00","references":[{"id_type":"CWE","id":"79","type":"classifiers","url":null},{"id_type":"ICSA","id":"15-246-03","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2015-6466","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6466"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.moxa.com/support/download.aspx?type=support\u0026id=328"},{"id_type":null,"id":null,"type":"unknown","url":"https://ics-cert.us-cert.gov/advisories/ICSA-15-246-03"}],"description":"Cross-site scripting (XSS) vulnerability in the Diagnosis Ping feature in the administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote attackers to inject arbitrary web script or HTML via an unspecified field.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"501466","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Moxa (CVE-2015-6466)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2023-08-02T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N","cvssv3_temporal_score":null,"rating":null,"cvssv2_vector_base":"AV:N/AC:M/Au:N/C:N/I:P/A:N","cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.3,"cvssv3_temporal_vector_base":null,"cvssv4_threat_score":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"vpr_score":"3.0","script_family":"Tenable.ot","xrefs":{"CWE":["79"],"ICSA":["15-246-03"]},"pluginPublicationDate":"8/2/2023","pluginModificationDate":"11/23/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1732320000000,"501466"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"501441","_score":null,"_source":{"plugin_modification_date":"2024-11-23T00:00:00","references":[{"id_type":"CWE","id":"798","type":"classifiers","url":null},{"id_type":"ICSA","id":"13-042-01","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2012-4712","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4712"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.moxa.com/support/download.aspx?type=support\u0026id=492"}],"description":"Moxa EDR-G903 series routers with firmware before 2.11 have a hardcoded account, which allows remote attackers to obtain unspecified device access via unknown vectors.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"501441","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Moxa (CVE-2012-4712)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2023-08-02T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N","cvssv3_temporal_score":null,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:N/A:N","cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":5,"cvssv3_temporal_vector_base":null,"cvssv4_threat_score":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"Tenable.ot","xrefs":{"CWE":["798"],"ICSA":["13-042-01"]},"pluginPublicationDate":"8/2/2023","pluginModificationDate":"11/23/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1732320000000,"501441"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"501034","_score":null,"_source":{"plugin_modification_date":"2024-11-23T00:00:00","references":[{"id_type":"CWE","id":"20","type":"classifiers","url":null},{"id_type":"cve","id":"CVE-2015-1049","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1049"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?9c53b8a1"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-954136.pdf"}],"description":"The web server on Siemens SCALANCE X-200IRT switches with firmware before 5.2.0 allows remote attackers to hijack sessions via unspecified vectors.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"501034","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens (CVE-2015-1049)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2023-04-11T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P","cvssv3_temporal_score":null,"rating":null,"cvssv2_vector_base":"AV:N/AC:M/Au:N/C:P/I:P/A:P","cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.8,"cvssv3_temporal_vector_base":null,"cvssv4_threat_score":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"vpr_score":"5.8","script_family":"Tenable.ot","xrefs":{"CWE":["20"]},"pluginPublicationDate":"4/11/2023","pluginModificationDate":"11/23/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1732320000000,"501034"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"500134","_score":null,"_source":{"plugin_modification_date":"2024-11-23T00:00:00","references":[{"id_type":"CWE","id":"119","type":"classifiers","url":null},{"id_type":"ICSA","id":"15-300-03","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2015-6490","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6490"},{"id_type":null,"id":null,"type":"unknown","url":"https://ics-cert.us-cert.gov/advisories/ICSA-15-300-03"}],"description":"Stack-based buffer overflow on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices through B FRN 15.003 allows remote attackers to execute arbitrary code via unspecified vectors.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Critical","script_id":"500134","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Rockwell (CVE-2015-6490)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2022-02-07T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":null,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":null,"cvssv4_threat_score":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"Tenable.ot","xrefs":{"CWE":["119"],"ICSA":["15-300-03"]},"pluginPublicationDate":"2/7/2022","pluginModificationDate":"11/23/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":"Medium","severity":"Critical"},"sort":[1732320000000,"500134"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"500107","_score":null,"_source":{"plugin_modification_date":"2024-11-23T00:00:00","references":[{"id_type":"CWE","id":"287","type":"classifiers","url":null},{"id_type":"ICSA","id":"17-285-05","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2017-9946","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9946"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?8c345dfe"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-148078.pdf"}],"description":"A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions \u003cV3.5. An attacker with network access to the integrated web server (80/tcp and 443/tcp) could bypass the authentication and download sensitive information from the device.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"500107","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens (CVE-2017-9946)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2022-02-07T00:00:00","cvss":{"cvssv3_score":7.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N","cvssv3_temporal_score":null,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:N/A:N","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":5,"cvssv3_temporal_vector_base":null,"cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"4.4","script_family":"Tenable.ot","xrefs":{"CWE":["287"],"ICSA":["17-285-05"]},"pluginPublicationDate":"2/7/2022","pluginModificationDate":"11/23/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1732320000000,"500107"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"500105","_score":null,"_source":{"plugin_modification_date":"2024-11-23T00:00:00","references":[{"id_type":"CWE","id":"22","type":"classifiers","url":null},{"id_type":"CWE","id":"538","type":"classifiers","url":null},{"id_type":"ICSA","id":"17-285-05","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2017-9947","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9947"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?8c345dfe"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-148078.pdf"}],"description":"A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions \u003cV3.5. A directory traversal vulnerability could allow a remote attacker with network access to the integrated web server (80/tcp and 443/tcp) to obtain information on the structure of the file system of the affected devices.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"500105","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens (CVE-2017-9947)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2022-02-07T00:00:00","cvss":{"cvssv3_score":5.3,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N","cvssv3_temporal_score":null,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:N/A:N","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":5,"cvssv3_temporal_vector_base":null,"cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"2.2","script_family":"Tenable.ot","xrefs":{"CWE":["22","538"],"ICSA":["17-285-05"]},"pluginPublicationDate":"2/7/2022","pluginModificationDate":"11/23/2024","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1732320000000,"500105"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"99983","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"https://www.kaaproject.org/"}],"description":"The remote host is running the Kaa Internet of Things (IoT) administration server. Kaa is a multi-purpose toolkit for building and managing IoT solutions, applications, and smart products.","risk_factor":"Info","script_id":"99983","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"An IoT administration platform was detected on the remote web server.","script_name":"Kaa IoT Administration Server Detection","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2017-05-04T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"CGI abuses","xrefs":{},"pluginPublicationDate":"5/4/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1732233600000,"99983"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"99982","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"https://www.unitrends.com/products/enterprise-backup-software"}],"description":"Unitrends Backup, an enterprise backup and continuity application, is running on the remote host.","risk_factor":"Info","script_id":"99982","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"A web server for Unitrends Backup is running on the remote host.","script_name":"Unitrends Backup Detection","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2017-05-04T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"Misc.","xrefs":{},"pluginPublicationDate":"5/4/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1732233600000,"99982"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"99933","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"IAVT","id":"0001-T-0764","type":"advisory","url":null},{"id_type":null,"id":null,"type":"unknown","url":"https://www.bitrix24.com/"}],"description":"The remote host is running a Bitrix collaboration platform and related modules. Bitrix provides a suite of social collaboration, communication, and management tools, including CRM, file sharing, project management, and calendars.","risk_factor":"Info","script_id":"99933","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The remote host is running a collaboration platform manager.","script_name":"Bitrix Product and Modules Detection","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2017-05-02T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"CGI abuses","xrefs":{"IAVT":["0001-T-0764"]},"pluginPublicationDate":"5/2/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1732233600000,"99933"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"99929","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"http://www.ni.com/en-us/shop/labview.html"}],"description":"National Instruments LabVIEW, a system design and development platform, is installed on the remote Windows host.","risk_factor":"Info","script_id":"99929","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"A system design and development platform is installed on the remote Windows host.","script_name":"National Instruments LabVIEW Installed","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"local","sensor":"nessus","plugin_publication_date":"2017-05-02T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"Windows","xrefs":{},"pluginPublicationDate":"5/2/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1732233600000,"99929"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"99729","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"HP","id":"HPESBHF03710","type":"advisory","url":null},{"id_type":"HP","id":"emr_na-hpesbhf03710en_us","type":"advisory","url":null},{"id_type":"ZDI","id":"ZDI-17-166","type":"vulnerability","url":null},{"id_type":"cve","id":"CVE-2017-5790","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5790"},{"id_type":"bid","id":"96755","type":"vulnerability","url":null},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?d75f4bdd"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?9c6d83db"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?7cc45126"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.zerodayinitiative.com/advisories/ZDI-17-166/"}],"description":"The H3C or HPE Intelligent Management Center (iMC) web server running on the remote host is affected by a remote code execution vulnerability in accessMgrServlet due to unsafe deserialization of Java objects to various libraries. An unauthenticated, remote attacker can exploit this, by sending a specially crafted HTTP request, to execute arbitrary code on the target host.\n\nNote that Intelligent Management Center (iMC) is an HPE product;\nhowever, it is branded as H3C.","risk_factor":"Critical","script_id":"99729","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"A web application hosted on the remote web server is affected by a remote code execution vulnerability.","script_name":"H3C / HPE Intelligent Management Center accessMgrServlet Java Object Deserialization RCE","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to H3C / HPE iMC version 7.2 E0504 or later.","plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2017-04-28T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":8.8,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"Misc.","xrefs":{"HP":["HPESBHF03710","emr_na-hpesbhf03710en_us"],"ZDI":["ZDI-17-166"]},"pluginPublicationDate":"4/28/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Critical"},"sort":[1732233600000,"99729"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"99477","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"IAVT","id":"0001-T-0709","type":"advisory","url":null},{"id_type":null,"id":null,"type":"unknown","url":"https://www.rti.com/products/connext-dds-professional"}],"description":"Real Time Innovations (RTI) Connext Data Distribution Service (DDS) is installed on the remote host. RTI Connext DDS is a connectivity platform for Industrial Internet of Things (IIoT) systems.","risk_factor":"Info","script_id":"99477","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"A connectivity platform is installed on the remote host.","script_name":"RTI Connext DDS Installed","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"local","sensor":"nessus","plugin_publication_date":"2017-04-19T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"Windows","xrefs":{"IAVT":["0001-T-0709"]},"pluginPublicationDate":"4/19/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1732233600000,"99477"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"99439","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"CISA-KNOWN-EXPLOITED","id":"2022/08/10","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2017-0144","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0144"},{"id_type":"bid","id":"96704","type":"vulnerability","url":null},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?43ec89df"},{"id_type":null,"id":null,"type":"unknown","url":"https://github.com/countercept/doublepulsar-detection-script"},{"id_type":null,"id":null,"type":"unknown","url":"https://github.com/stamparm/EternalRocks/"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?68fc8eff"}],"description":"Nessus detected the presence of DOUBLEPULSAR on the remote Windows host. DOUBLEPULSAR is one of multiple Equation Group SMB implants and backdoors disclosed on 2017/04/14 by a group known as the Shadow Brokers. The implant allows an unauthenticated, remote attacker to use SMB as a covert channel to exfiltrate data, launch remote commands, or execute arbitrary code.\n\nEternalRocks is a worm that propagates by utilizing DOUBLEPULSAR.","risk_factor":"High","script_id":"99439","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"A backdoor exists on the remote Windows host.","script_name":"SMB Server DOUBLEPULSAR Backdoor / Implant Detection (EternalRocks)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Remove the DOUBLEPULSAR backdoor / implant and disable SMBv1.","plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2017-04-18T00:00:00","cvss":{"cvssv3_score":8.1,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":7.7,"rating":null,"cvssv2_vector_base":"AV:N/AC:M/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":8.1,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":9.3,"cvssv3_temporal_vector_base":"E:H/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:H/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"9.8","script_family":"Windows","xrefs":{},"pluginPublicationDate":"4/18/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Critical","cisaKnownExploitedDate":["8/10/2022"],"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Critical","severity":"High"},"sort":[1732233600000,"99439"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"99311","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"https://www.mono-project.com/"}],"description":"Mono, a cross-platform open source .NET framework, is installed on the remote macOS or Mac OS X host.","risk_factor":"Info","script_id":"99311","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The remote macOS or Mac OS X host contains a runtime environment.","script_name":"Mono Installed (macOS)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"local","sensor":"nessus","plugin_publication_date":"2017-04-12T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"MacOS X Local Security Checks","xrefs":{},"pluginPublicationDate":"4/12/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1732233600000,"99311"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"99280","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"cve","id":"CVE-2015-8980","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8980"},{"id_type":"cve","id":"CVE-2016-5702","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5702"},{"id_type":"bid","id":"91380","type":"vulnerability","url":null},{"id_type":"bid","id":"95754","type":"vulnerability","url":null},{"id_type":null,"id":null,"type":"unknown","url":"https://www.phpmyadmin.net/security/PMASA-2017-1/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.phpmyadmin.net/security/PMASA-2017-2/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.phpmyadmin.net/security/PMASA-2017-3/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.phpmyadmin.net/security/PMASA-2017-4/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.phpmyadmin.net/security/PMASA-2017-5/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.phpmyadmin.net/security/PMASA-2017-6/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.phpmyadmin.net/security/PMASA-2017-7/"}],"thorough_tests":true,"description":"According to its self-reported version number, the phpMyAdmin application hosted on the remote web server is 4.0.x prior to 4.0.10.19, 4.4.x prior to 4.4.15.10, or 4.6.x prior to 4.6.6. It is, therefore, affected by the following vulnerabilities :\n\n - An open redirect vulnerability exists due to a failure to validate request paths before returning them to users. An unauthenticated, remote attacker can exploit this, by convincing a user to follow a specially crafted link, to redirect the user from the intended legitimate website to an arbitrary website of the attacker's choosing. (PMASA-2017-1)\n\n - An arbitrary code execution vulnerability exists in the php-gettext component in the select_string() function due to improper sanitization of user-supplied input. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (PMASA-2017-2, CVE-2015-8980)\n\n - A denial of service vulnerability exists in the goto() function due to improper handling of table data. An unauthenticated, remote attacker can exploit this to launch a recursive include operation, resulting in a denial of service condition. (PMASA-2017-3)\n\n - A flaw exists due to a failure to sanitize input passed via cookie parameters. An unauthenticated, remote attacker can exploit this to inject arbitrary CSS in themes. (PMASA-2017-4)\n\n - An unspecified flaw exists that allows an unauthenticated, remote attacker to inject arbitrary values into browser cookies. (PMASA-2017-5, CVE-2016-5702)\n\n - A server-side request forgery vulnerability exists that allows an authenticated, remote attacker to bypass access restrictions (e.g. host or network ACLs) and connect to hosts without the appropriate authorization.\n Note that this vulnerability only affects the 4.6.x version branch. (PMASA-2017-6)\n\n - A denial of service vulnerability exists in the replication status functionality due to improper handling of specially crafted table names. An unauthenticated, remote attacker can exploit this to cause a denial of service condition. (PMASA-2017-7)\n\nNote that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"99280","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The remote web server hosts a PHP application that is affected by multiple vulnerabilities.","script_name":"phpMyAdmin 4.0.x \u003c 4.0.10.19 / 4.4.x \u003c 4.4.15.10 / 4.6.x \u003c 4.6.6 Multiple Vulnerabilities (PMASA-2017-1 - PMASA-2017-7)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to phpMyAdmin version 4.0.10.19 / 4.4.15.10 /4.6.6 or later.\nAlternatively, apply the patches referenced in the vendor advisories.","enable_cgi_scanning":true,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2017-04-11T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_temporal_score":8.5,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.5,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"CGI abuses","xrefs":{},"pluginPublicationDate":"4/11/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":["pluginDetailsConfigurationThoroughTests"],"cvssV2Severity":"High","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1732233600000,"99280"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"99172","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"https://azure.microsoft.com/en-us/"}],"description":"The remote host is a Microsoft Azure instance. Using the supplied administrator credentials, Nessus was able to use the metadata API to collect information about the system.","risk_factor":"Info","script_id":"99172","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The remote host is a Microsoft Azure instance for which metadata could be retrieved.","script_name":"Microsoft Azure Instance Metadata Enumeration (Windows)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"local","sensor":"nessus","plugin_publication_date":"2017-04-03T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"Windows","xrefs":{},"pluginPublicationDate":"4/3/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1732233600000,"99172"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"99170","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"https://cloud.google.com/compute/"}],"description":"The remote Windows host appears to be a Google Compute Engine instance. Nessus was able to use the metadata API to collect information about the system.","risk_factor":"Info","script_id":"99170","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The remote host is a Google Compute Engine instance for which metadata could be retrieved.","script_name":"Google Cloud Platform Compute Engine Instance Metadata Enumeration (Windows)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"local","sensor":"nessus","plugin_publication_date":"2017-04-03T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"Windows","xrefs":{},"pluginPublicationDate":"4/3/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1732233600000,"99170"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"97999","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"CERT","id":"491375","type":"advisory","url":null},{"id_type":"CISA-KNOWN-EXPLOITED","id":"2022/07/28","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2017-5689","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5689"},{"id_type":"bid","id":"98269","type":"vulnerability","url":null},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?9e6ca5f4"},{"id_type":null,"id":null,"type":"unknown","url":"https://downloadcenter.intel.com/download/26754"},{"id_type":null,"id":null,"type":"unknown","url":"https://mjg59.dreamwidth.org/48429.html"},{"id_type":null,"id":null,"type":"unknown","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5689"}],"description":"The Intel Management Engine on the remote host has Active Management Technology (AMT) enabled, and is affected by an authentication bypass vulnerability. An unauthenticated, remote attacker can exploit this, via a NULL HTTP Digest response, to bypass authentication.\n\nNote that the vulnerability is only exploitable remotely if either Active Management Technology (AMT), Intel Standard Manageability (ISM), or Small Business Technology (SBT) is enabled. However, a local attacker can still exploit the vulnerability even if these components are disabled by simply re-enabling the components.","risk_factor":"Critical","script_id":"97999","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The remote host is affected by an authentication bypass vulnerability.","script_name":"Intel Management Engine Authentication Bypass (INTEL-SA-00075) (remote check)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Contact your system OEM for updated firmware per the vendor advisory.\n\nAlternatively, apply these mitigations per the INTEL-SA-00075 mitigation guide :\n\n - Unprovision Intel manageability SKU clients.\n - Disable or remove the Local Manageability Service (LMS).\n - Configure local manageability configuration restrictions.","plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2017-05-04T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":9.4,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":8.7,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:H/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:H/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"8.9","script_family":"Web Servers","xrefs":{"CERT":["491375"]},"pluginPublicationDate":"5/4/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":["7/28/2022"],"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"High","severity":"Critical"},"sort":[1732233600000,"97999"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"97997","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"CERT","id":"491375","type":"advisory","url":null},{"id_type":"CISA-KNOWN-EXPLOITED","id":"2022/07/28","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2017-5689","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5689"},{"id_type":"bid","id":"98269","type":"vulnerability","url":null},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?1adb9b4d"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?9e6ca5f4"},{"id_type":null,"id":null,"type":"unknown","url":"https://downloadcenter.intel.com/download/26754"},{"id_type":null,"id":null,"type":"unknown","url":"https://mjg59.dreamwidth.org/48429.html"}],"description":"The Intel Management Engine on the remote host has Active Management Technology (AMT) enabled and is running Intel manageability firmware version 6.x prior to 6.2.61.3535, 7.x prior to 7.1.91.3272, 8.x prior to 8.1.71.3608, 9.0.x or 9.1.x prior to 9.1.41.3024, 9.5.x prior to 9.5.61.3012, 10.0.x prior to 10.0.55.3000, 11.0.18.x prior to 11.0.18.3003, 11.0.22.x prior to 11.0.22.3001, 11.0.x prior to 11.0.25.3001, 11.6.10.x prior to 11.6.10.3197, 11.6.12.x prior to 11.6.12.3202, or else 11.5.x or 11.6.x prior to 11.6.27.3264. It is, therefore, affected by a remote code execution vulnerability due to insecure read and write operations. An unauthenticated, remote attacker can exploit this to execute arbitrary code.\n\nNote that the vulnerability is only exploitable remotely if either Active Management Technology (AMT), Intel Standard Manageability (ISM), or Small Business Technology (SBT) is enabled. However, a local attacker can still exploit the vulnerability even if these components are disabled by simply re-enabling the components.\n\nAlso, note that due to the low-level implementation of Intel ME, Nessus may not be able to identify its version on the remote host at this time.","risk_factor":"Critical","script_id":"97997","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The management engine on the remote host is affected by a remote code execution vulnerability.","script_name":"Intel Management Engine Insecure Read / Write Operations RCE (INTEL-SA-00075)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":"Contact your system OEM for updated firmware per the vendor advisory.\n\nAlternatively, apply these mitigations per the INTEL-SA-00075 mitigation guide :\n\n - Unprovision Intel manageability SKU clients.\n - Disable or remove the Local Manageability Service (LMS).\n - Configure local manageability configuration restrictions.","plugin_type":"local","sensor":"nessus","plugin_publication_date":"2017-05-03T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":9.4,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":8.7,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:H/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:H/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"8.9","script_family":"Windows","xrefs":{"CERT":["491375"]},"pluginPublicationDate":"5/3/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":["7/28/2022"],"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"High","severity":"Critical"},"sort":[1732233600000,"97997"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"97895","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"https://kodi.tv"}],"description":"Kodi, a media player formerly known as xbmc, is running on the remote host. Nessus was able to determine the version using a standard request.","risk_factor":"Info","script_id":"97895","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"A media player server is running on the remote host.","script_name":"Kodi Media Player Detection","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2017-03-22T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"CGI abuses","xrefs":{},"pluginPublicationDate":"3/22/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1732233600000,"97895"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"97860","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"IAVT","id":"0001-T-0623","type":"advisory","url":null},{"id_type":null,"id":null,"type":"unknown","url":"https://www.hpe.com/us/en/product-catalog/detail/pip.5409020.html"}],"description":"HPE Smart Storage Administrator, an enterprise storage controller management application, is installed on the remote Windows host.","risk_factor":"Info","script_id":"97860","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"An enterprise storage controller management application is installed on the remote Windows host.","script_name":"HPE Smart Storage Administrator Installed","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"local","sensor":"nessus","plugin_publication_date":"2017-03-21T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"Windows","xrefs":{"IAVT":["0001-T-0623"]},"pluginPublicationDate":"3/21/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1732233600000,"97860"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"97667","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?a43c9bd2"}],"description":"The Siemens SIMATIC Logon service is running on the remote host. This service provides central access protection for SIMATIC applications and plant areas.\n\nThis plugin attempts to anonymously access the ISLSLogon interface of the Component Object Model (COM) class SLSLogon. If the COM security on the remote host is configured to disable anonymous access (i.e., using dcomcnfg.exe), the plugin will not able to detect the SIMATIC Logon service.","risk_factor":"Info","script_id":"97667","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"A logon service for SCADA applications is running on the remote host.","script_name":"Siemens SIMATIC Logon Detection","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2017-03-10T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"SCADA","xrefs":{},"pluginPublicationDate":"3/10/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1732233600000,"97667"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"97579","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"IAVT","id":"0001-T-0630","type":"advisory","url":null},{"id_type":null,"id":null,"type":"unknown","url":"http://web.archive.org/web/20180316164337/http://www-03.ibm.com:80/software/products/en/ibm-integration-bus"}],"description":"IBM Integration Bus (formerly known as WebSphere Message Broker), an enterprise service bus application, is installed on the remote Windows host.","risk_factor":"Info","script_id":"97579","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"An enterprise service bus application is installed on the remote Windows host.","script_name":"IBM Integration Bus Installed","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"local","sensor":"nessus","plugin_publication_date":"2017-03-07T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"Windows","xrefs":{"IAVT":["0001-T-0630"]},"pluginPublicationDate":"3/7/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1732233600000,"97579"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"97354","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"bid","id":"96300","type":"vulnerability","url":null},{"id_type":"bid","id":"96303","type":"vulnerability","url":null},{"id_type":null,"id":null,"type":"unknown","url":"http://php.net/ChangeLog-7.php#7.1.2"}],"thorough_tests":true,"description":"According to its banner, the version of PHP running on the remote web server is 7.1.x prior to 7.1.2. It is, therefore, affected by the following vulnerabilities :\n\n - A denial of service vulnerability exists in mysqli.c due to a memory leak. An unauthenticated, remote attacker can exploit this to crash the application.\n (BID 96300 / PHP Bug #73949)\n\n - A remote code execution vulnerability exists in the PHP-Win client due to a DEP violation. An unauthenticated, remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (BID 96303 / PHP Bug #73876)","risk_factor":"Critical","script_id":"97354","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The version of PHP running on the remote web server is affected by multiple vulnerabilities.","script_name":"PHP 7.1.x \u003c 7.1.2 Multiple Vulnerabilities","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to PHP version 7.1.2 or later.","enable_cgi_scanning":true,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2017-02-23T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":null,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":null,"cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"script_family":"CGI abuses","xrefs":{},"pluginPublicationDate":"2/23/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":["pluginDetailsConfigurationThoroughTests"],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":null,"severity":"Critical"},"sort":[1732233600000,"97354"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"97353","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"bid","id":"96300","type":"vulnerability","url":null},{"id_type":"bid","id":"96303","type":"vulnerability","url":null},{"id_type":null,"id":null,"type":"unknown","url":"http://php.net/ChangeLog-7.php#7.0.16"}],"thorough_tests":true,"description":"According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.16. It is, therefore, affected by the following vulnerabilities :\n\n - A denial of service vulnerability exists in mysqli.c due to a memory leak. An unauthenticated, remote attacker can exploit this to crash the application.\n (BID 96300 / PHP Bug #73949)\n\n - A remote code execution vulnerability exists in the PHP-Win client due to a DEP violation. An unauthenticated, remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (BID 96303 / PHP Bug #73876)","risk_factor":"Critical","script_id":"97353","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The version of PHP running on the remote web server is affected by multiple vulnerabilities.","script_name":"PHP 7.0.x \u003c 7.0.16 Multiple Vulnerabilities","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to PHP version 7.0.16 or later.","enable_cgi_scanning":true,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2017-02-23T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":null,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":null,"cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"script_family":"CGI abuses","xrefs":{},"pluginPublicationDate":"2/23/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":["pluginDetailsConfigurationThoroughTests"],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":null,"severity":"Critical"},"sort":[1732233600000,"97353"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"97225","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?9c7048a6"}],"description":"Trend Micro Control Manager, a centralized threat and data protection management application, is running on the remote host.","risk_factor":"Info","script_id":"97225","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"Trend Micro Control Manager is running on the remote host.","script_name":"Trend Micro Control Manager Detection (uncredentialed)","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2017-02-17T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"Misc.","xrefs":{},"pluginPublicationDate":"2/17/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1732233600000,"97225"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"97020","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"http://web.archive.org/web/20180316162102/http://www-03.ibm.com:80/software/products/en/datapower-gateway"}],"description":"The remote host is running IBM DataPower Gateway, a single multi-channel gateway that provides security, control, integration, and optimized access to a full range of mobile and web services.","risk_factor":"Info","script_id":"97020","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"A web server for IBM DataPower Gateway is running on the remote host.","script_name":"IBM DataPower Gateway Detection","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2017-02-06T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"Misc.","xrefs":{},"pluginPublicationDate":"2/6/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1732233600000,"97020"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"96876","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"ICSA","id":"17-012-01","type":"advisory","url":null},{"id_type":"TRA","id":"TRA-2017-04","type":"advisory","url":null},{"id_type":"ZDI","id":"ZDI-17-043","type":"vulnerability","url":null},{"id_type":"cve","id":"CVE-2017-5154","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5154"},{"id_type":"bid","id":"95410","type":"vulnerability","url":null},{"id_type":null,"id":null,"type":"unknown","url":"https://www.tenable.com/security/research/tra-2017-04"},{"id_type":null,"id":null,"type":"unknown","url":"https://ics-cert.us-cert.gov/advisories/ICSA-17-012-01"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.zerodayinitiative.com/advisories/ZDI-17-043/"}],"description":"The Advantech WebAccess web server running on the remote host is affected by a SQL injection (SQLi) vulnerability in the WaExlViewer web application due to a failure to properly sanitize user-supplied input to the updateTemplate.aspx page. An authenticated, remote attacker can exploit this, via a series of crafted HTTP requests, to disclose passwords of administrative accounts used by Advantech WebAccess. Note that an attacker can also exploit this vulnerability without authentication by leveraging an existing authentication bypass vulnerability (CVE-2017-5152).\n\nNessus has exploited the authentication bypass vulnerability (CVE-2017-5152) in order to exploit the SQLi vulnerability (CVE-2017-5154).","risk_factor":"High","script_id":"96876","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The remote host is running a web application that is affected by a SQL injection vulnerability.","script_name":"Advantech WebAccess SQLi","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to Advantech WebAccess version 8.2-2016.11.21 or later.","plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2017-01-30T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_temporal_score":8.8,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.9,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.5,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"SCADA","xrefs":{"ICSA":["17-012-01"],"TRA":["TRA-2017-04"],"ZDI":["ZDI-17-043"]},"pluginPublicationDate":"1/30/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1732233600000,"96876"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"96875","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"ICSA","id":"17-012-01","type":"advisory","url":null},{"id_type":"TRA","id":"TRA-2017-04","type":"advisory","url":null},{"id_type":"ZDI","id":"ZDI-17-043","type":"vulnerability","url":null},{"id_type":"cve","id":"CVE-2017-5152","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5152"},{"id_type":"bid","id":"95410","type":"vulnerability","url":null},{"id_type":null,"id":null,"type":"unknown","url":"https://www.tenable.com/security/research/tra-2017-04"},{"id_type":null,"id":null,"type":"unknown","url":"https://ics-cert.us-cert.gov/advisories/ICSA-17-012-01"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.zerodayinitiative.com/advisories/ZDI-17-043/"}],"description":"The Advantech WebAccess web server running on the remote host is affected by an authentication bypass vulnerability in the WaExlViewer component due to a failure to properly manage authentication. An unauthenticated, remote attacker can exploit this, via a POST request with specially crafted parameters, to bypass intended restrictions, allowing the attacker to access restricted pages, upload template files, and delete existing templates.","risk_factor":"Medium","script_id":"96875","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The remote host is running a web application that is affected by an authentication bypass vulnerability.","script_name":"Advantech WebAccess Authentication Bypass","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Contact the vendor for a solution.","plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2017-01-30T00:00:00","cvss":{"cvssv3_score":9.1,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N","cvssv3_temporal_score":8.2,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:P/A:N","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvssv4_vector":null,"cvssv2_temporal_score":5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.4,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"5.2","script_family":"SCADA","xrefs":{"ICSA":["17-012-01"],"TRA":["TRA-2017-04"],"ZDI":["ZDI-17-043"]},"pluginPublicationDate":"1/30/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1732233600000,"96875"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"96801","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"cve","id":"CVE-2016-10158","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10158"},{"id_type":"cve","id":"CVE-2016-10161","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10161"},{"id_type":"cve","id":"CVE-2016-10162","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10162"},{"id_type":"cve","id":"CVE-2016-10167","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167"},{"id_type":"cve","id":"CVE-2016-10168","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168"},{"id_type":"cve","id":"CVE-2016-7479","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7479"},{"id_type":"cve","id":"CVE-2017-11147","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11147"},{"id_type":"cve","id":"CVE-2017-5340","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5340"},{"id_type":"bid","id":"95151","type":"vulnerability","url":null},{"id_type":"bid","id":"95371","type":"vulnerability","url":null},{"id_type":"bid","id":"95668","type":"vulnerability","url":null},{"id_type":"bid","id":"95764","type":"vulnerability","url":null},{"id_type":"bid","id":"95768","type":"vulnerability","url":null},{"id_type":"bid","id":"95869","type":"vulnerability","url":null},{"id_type":"bid","id":"99607","type":"vulnerability","url":null},{"id_type":null,"id":null,"type":"unknown","url":"http://php.net/ChangeLog-7.php#7.1.1"}],"thorough_tests":true,"description":"According to its banner, the version of PHP running on the remote web server is 7.1.x prior to 7.1.1. It is, therefore, affected by the following vulnerabilities :\n\n - A use-after-free error exists that is triggered when handling unserialized object properties. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary code.\n (CVE-2016-7479)\n\n - An integer overflow condition exists in the\n _zend_hash_init() function in zend_hash.c due to improper validation of unserialized objects. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2017-5340)\n\n - A floating pointer exception flaw exists in the exif_convert_any_to_int() function in exif.c that is triggered when handling TIFF and JPEG image tags. An unauthenticated, remote attacker can exploit this to cause a crash, resulting in a denial of service condition. (CVE-2016-10158)\n\n - An out-of-bounds read error exists in the finish_nested_data() function in var_unserializer.c due to improper validation of unserialized data. An unauthenticated, remote attacker can exploit this to cause a crash, resulting in a denial of service condition or the disclosure of memory contents.\n (CVE-2016-10161)\n\n - A NULL pointer dereference flaw exists in the php_wddx_pop_element() function in wddx.c due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause a crash, resulting in a denial of service condition. (CVE-2016-10162)\n\n - An signed integer overflow condition exists in gd_io.c due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to have an unspecified impact.\n\n - A denial of service vulnerability exists in the bundled GD Graphics Library (LibGD) in the gdImageCreateFromGd2Ctx() function in gd_gd2.c due to improper validation of images. An unauthenticated, remote attacker can exploit this, via a specially crafted image, to crash the process. (CVE-2016-10167)\n\n - An integer overflow condition exists in the gd_io.c script of the GD Graphics Library (libgd). An unauthenticated, remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2016-10168)\n\n - An out-of-bounds read error exists in the phar_parse_pharfile() function in phar.c due to improper parsing of phar archives. An unauthenticated, remote attacker can exploit this to cause a crash, resulting in a denial of service condition. (CVE-2017-11147)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"96801","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The version of PHP running on the remote web server is affected by multiple vulnerabilities.","script_name":"PHP 7.1.x \u003c 7.1.1 Multiple Vulnerabilities","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to PHP version 7.1.1 or later.","enable_cgi_scanning":true,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2017-01-26T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_temporal_score":8.5,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.5,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"CGI abuses","xrefs":{},"pluginPublicationDate":"1/26/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":["pluginDetailsConfigurationThoroughTests"],"cvssV2Severity":"High","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1732233600000,"96801"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"96800","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"cve","id":"CVE-2015-2787","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2787"},{"id_type":"cve","id":"CVE-2016-10158","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10158"},{"id_type":"cve","id":"CVE-2016-10159","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10159"},{"id_type":"cve","id":"CVE-2016-10160","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10160"},{"id_type":"cve","id":"CVE-2016-10161","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10161"},{"id_type":"cve","id":"CVE-2016-10162","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10162"},{"id_type":"cve","id":"CVE-2016-10167","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167"},{"id_type":"cve","id":"CVE-2016-10168","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168"},{"id_type":"cve","id":"CVE-2016-7479","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7479"},{"id_type":"cve","id":"CVE-2017-11147","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11147"},{"id_type":"cve","id":"CVE-2017-5340","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5340"},{"id_type":"bid","id":"73431","type":"vulnerability","url":null},{"id_type":"bid","id":"95151","type":"vulnerability","url":null},{"id_type":"bid","id":"95371","type":"vulnerability","url":null},{"id_type":"bid","id":"95668","type":"vulnerability","url":null},{"id_type":"bid","id":"95764","type":"vulnerability","url":null},{"id_type":"bid","id":"95768","type":"vulnerability","url":null},{"id_type":"bid","id":"95774","type":"vulnerability","url":null},{"id_type":"bid","id":"95783","type":"vulnerability","url":null},{"id_type":"bid","id":"95869","type":"vulnerability","url":null},{"id_type":"bid","id":"99607","type":"vulnerability","url":null},{"id_type":null,"id":null,"type":"unknown","url":"http://php.net/ChangeLog-7.php#7.0.15"}],"thorough_tests":true,"description":"According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.15. It is, therefore, affected by the following vulnerabilities :\n\n - A remote code execution vulnerability exists due to a use-after-free error in the unserialize() function that is triggered when using DateInterval input. An unauthenticated, remote attacker can exploit this to dereference already freed memory, resulting in a denial of service condition or the execution of arbitrary code.\n (CVE-2015-2787)\n\n - A use-after-free error exists that is triggered when handling unserialized object properties. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary code.\n (CVE-2016-7479)\n\n - An integer overflow condition exists in the\n _zend_hash_init() function in zend_hash.c due to improper validation of unserialized objects. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2017-5340)\n\n - A floating pointer exception flaw exists in the exif_convert_any_to_int() function in exif.c that is triggered when handling TIFF and JPEG image tags. An unauthenticated, remote attacker can exploit this to cause a crash, resulting in a denial of service condition. (CVE-2016-10158)\n\n - An integer overflow condition exists in the phar_parse_pharfile() function in phar.c due to improper validation when handling phar archives. An unauthenticated, remote attacker can exploit this to cause a crash, resulting in a denial of service condition. (CVE-2016-10159)\n\n - An off-by-one overflow condition exists in the phar_parse_pharfile() function in phar.c due to improper parsing of phar archives. An unauthenticated, remote attacker can exploit this to cause a crash, resulting in a denial of service condition. (CVE-2016-10160)\n\n - An out-of-bounds read error exists in the finish_nested_data() function in var_unserializer.c due to improper validation of unserialized data. An unauthenticated, remote attacker can exploit this to cause a crash, resulting in a denial of service condition or the disclosure of memory contents.\n (CVE-2016-10161)\n\n - A NULL pointer dereference flaw exists in the php_wddx_pop_element() function in wddx.c due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause a crash, resulting in a denial of service condition. (CVE-2016-10162)\n\n - An signed integer overflow condition exists in gd_io.c due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to have an unspecified impact.\n\n - A type confusion flaw exists that is triggered during the deserialization of specially crafted GMP objects. An unauthenticated, remote attacker can exploit this to cause a crash, resulting in a denial of service condition.\n\n - A type confusion error exists that is triggered when deserializing ZVAL objects. An unauthenticated, remote attacker can exploit this to execute arbitrary code.\n\n - A denial of service vulnerability exists in the bundled GD Graphics Library (LibGD) in the gdImageCreateFromGd2Ctx() function in gd_gd2.c due to improper validation of images. An unauthenticated, remote attacker can exploit this, via a specially crafted image, to crash the process. (CVE-2016-10167)\n\n - An integer overflow condition exists in the gd_io.c script of the GD Graphics Library (libgd). An unauthenticated, remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2016-10168)\n\n - An out-of-bounds read error exists in the phar_parse_pharfile() function in phar.c due to improper parsing of phar archives. An unauthenticated, remote attacker can exploit this to cause a crash, resulting in a denial of service condition. (CVE-2017-11147)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"96800","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The version of PHP running on the remote web server is affected by multiple vulnerabilities.","script_name":"PHP 7.0.x \u003c 7.0.15 Multiple Vulnerabilities","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to PHP version 7.0.15 or later.","enable_cgi_scanning":true,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2017-01-26T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_temporal_score":8.5,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.5,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"CGI abuses","xrefs":{},"pluginPublicationDate":"1/26/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":["pluginDetailsConfigurationThoroughTests"],"cvssV2Severity":"High","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1732233600000,"96800"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"96799","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"cve","id":"CVE-2016-10158","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10158"},{"id_type":"cve","id":"CVE-2016-10159","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10159"},{"id_type":"cve","id":"CVE-2016-10160","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10160"},{"id_type":"cve","id":"CVE-2016-10161","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10161"},{"id_type":"cve","id":"CVE-2016-10167","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167"},{"id_type":"cve","id":"CVE-2016-10168","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168"},{"id_type":"cve","id":"CVE-2017-11147","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11147"},{"id_type":"bid","id":"95764","type":"vulnerability","url":null},{"id_type":"bid","id":"95768","type":"vulnerability","url":null},{"id_type":"bid","id":"95774","type":"vulnerability","url":null},{"id_type":"bid","id":"95783","type":"vulnerability","url":null},{"id_type":"bid","id":"95869","type":"vulnerability","url":null},{"id_type":"bid","id":"99607","type":"vulnerability","url":null},{"id_type":null,"id":null,"type":"unknown","url":"http://www.php.net/ChangeLog-5.php#5.6.30"}],"thorough_tests":true,"description":"According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.30. It is, therefore, affected by the following vulnerabilities :\n\n - A seg fault when loading hostile phar could be used to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c.\n (CVE-2017-11147)\n\n - A floating pointer exception flaw exists in the exif_convert_any_to_int() function in exif.c that is triggered when handling TIFF and JPEG image tags. An unauthenticated, remote attacker can exploit this to cause a crash, resulting in a denial of service condition. (CVE-2016-10158)\n\n - An integer overflow condition exists in the phar_parse_pharfile() function in phar.c due to improper validation when handling phar archives. An unauthenticated, remote attacker can exploit this to cause a crash, resulting in a denial of service condition. (CVE-2016-10159)\n\n - An off-by-one overflow condition exists in the phar_parse_pharfile() function in phar.c due to improper parsing of phar archives. An unauthenticated, remote attacker can exploit this to cause a crash, resulting in a denial of service condition. (CVE-2016-10160)\n\n - An out-of-bounds read error exists in the finish_nested_data() function in var_unserializer.c due to improper validation of unserialized data. An unauthenticated, remote attacker can exploit this to cause a crash, resulting in a denial of service condition or the disclosure of memory contents.\n (CVE-2016-10161)\n\n - An out-of-bounds read error exists in the phar_parse_pharfile() function in phar.c due to improper parsing of phar archives. An unauthenticated, remote attacker can exploit this to cause a crash, resulting in a denial of service condition.\n\n - A denial of service vulnerability exists in the bundled GD Graphics Library (LibGD) in the gdImageCreateFromGd2Ctx() function in gd_gd2.c due to improper validation of images. An unauthenticated, remote attacker can exploit this, via a specially crafted image, to crash the process.\n\n - The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library could allow a remote attacker to cause a denial of service via a crafted image file.\n (CVE-2016-10167)\n\n - An integer overflow in gd_io.c in the GD Graphics Library before could allow a remote attacker to have an unspecified impact on PHP. (CVE-2016-10168)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"96799","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The version of PHP running on the remote web server is affected by multiple denial of service vulnerabilities.","script_name":"PHP 5.6.x \u003c 5.6.30 Multiple DoS","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to PHP version 5.6.30 or later.","enable_cgi_scanning":true,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2017-01-26T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_temporal_score":8.5,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.5,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"6.0","script_family":"CGI abuses","xrefs":{},"pluginPublicationDate":"1/26/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":["pluginDetailsConfigurationThoroughTests"],"cvssV2Severity":"High","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1732233600000,"96799"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"96607","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?2737271d"}],"description":"HP Operations Manager for Linux, an infrastructure monitoring solution, is installed on the remote host.","risk_factor":"Info","script_id":"96607","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"HP Operations Manager for Linux is installed on the remote host.","script_name":"HP Operations Manager Installed (Linux)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"local","sensor":"nessus","plugin_publication_date":"2017-01-18T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"Misc.","xrefs":{},"pluginPublicationDate":"1/18/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1732233600000,"96607"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"96317","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?2c7f4cd5"}],"description":"CA Unified Infrastructure Management (UIM), an application for network and infrastructure management, is installed on the remote host.","risk_factor":"Info","script_id":"96317","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"CA Unified Infrastructure Management is installed on the remote host.","script_name":"CA Unified Infrastructure Management (UIM) Detection","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"local","sensor":"nessus","plugin_publication_date":"2016-12-12T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"Windows","xrefs":{},"pluginPublicationDate":"12/12/2016","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1732233600000,"96317"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"96281","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"https://www.sophos.com/en-us/products/next-gen-firewall.aspx"}],"description":"Sophos XG Firewall, a next generation multi-protection firewall appliance, is running on the remote host.","risk_factor":"Info","script_id":"96281","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"A Sophos XG Firewall appliance is running on the remote host.","script_name":"Sophos XG Firewall Detection","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2017-01-04T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"Service detection","xrefs":{},"pluginPublicationDate":"1/4/2017","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1732233600000,"96281"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"96146","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?be514ab1"}],"description":"The remote host is running IBM BigFix Remote Control, a remote administration manager formerly known as Endpoint Manager for Remote Control and Tivoli Remote Control.","risk_factor":"Info","script_id":"96146","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The remote host is running a remote administration manager.","script_name":"IBM BigFix Remote Control Detection","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2016-12-27T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"CGI abuses","xrefs":{},"pluginPublicationDate":"12/27/2016","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1732233600000,"96146"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"95923","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"IAVT","id":"0001-T-0589","type":"advisory","url":null},{"id_type":null,"id":null,"type":"unknown","url":"https://www.emc.com/data-protection/avamar.htm"}],"description":"EMC Avamar Data Store (ADS) or Avamar Virtual Edition (AVE), a backup and recovery solution, is installed on the remote host.","risk_factor":"Info","script_id":"95923","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"A backup solution is installed on the remote host.","script_name":"EMC Avamar ADS / AVE Installed (credentialed check)","language_code":"en_US","supported_sensors":[{"label":"Nessus Agent","value":"nessus_agent"},{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"local","sensor":"nessus","plugin_publication_date":"2016-12-16T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"Misc.","xrefs":{"IAVT":["0001-T-0589"]},"pluginPublicationDate":"12/16/2016","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1732233600000,"95923"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"95922","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"IAVT","id":"0001-T-0590","type":"advisory","url":null},{"id_type":null,"id":null,"type":"unknown","url":"https://www.emc.com/data-protection/avamar.htm"}],"description":"EMC Avamar Data Store (ADS) or Avamar Virtual Edition (AVE) is running on the remote host.","risk_factor":"Info","script_id":"95922","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"A backup solution is running on the remote host.","script_name":"EMC Avamar ADS / AVE Server Detection","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":null,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2016-12-16T00:00:00","cvss":{"cvssv3_score":null,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":null,"cvssv3_temporal_score":null,"cvssv4_vector_base":null,"rating":null,"cvssv2_vector_base":null,"cvssv3_vector_base":null,"cvssv3_environmental_score":null,"cvssv3_vector":null,"cvssv4_vector":null,"cvssv2_temporal_score":null,"source":null,"cvssv4_version":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv2_score":null,"cvssv3_temporal_vector_base":null,"cvssv3_version":null,"cvssv3_temporal_vector":null,"cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":null,"cvssv3_risk_factor":null,"cvssv4_risk_factor":null},"script_family":"CGI abuses","xrefs":{"IAVT":["0001-T-0590"]},"pluginPublicationDate":"12/16/2016","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":null,"cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Info","cvssV3Severity":null,"cvssV4Severity":null,"vprSeverity":null,"severity":"Info"},"sort":[1732233600000,"95922"]},{"_index":"1730133371790_plugin_en_us_nessus","_type":"_doc","_id":"95875","_score":null,"_source":{"plugin_modification_date":"2024-11-22T00:00:00","references":[{"id_type":"cve","id":"CVE-2016-9935","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9935"},{"id_type":"cve","id":"CVE-2016-9936","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9936"},{"id_type":"bid","id":"94846","type":"vulnerability","url":null},{"id_type":"bid","id":"94849","type":"vulnerability","url":null},{"id_type":null,"id":null,"type":"unknown","url":"http://php.net/ChangeLog-7.php#7.0.14"}],"thorough_tests":true,"description":"According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.14. It is, therefore, affected by the following vulnerabilities:\n\n - A remote code execution vulnerability due to a memory corruption issue in the php_wddx_push_element() function in ext/wddx/wddx.c that occurs when decoding empty boolean elements. An unauthenticated, remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code.\n (CVE-2016-9935)\n\n - A deserialization vulnerability exists in the ext/standard/var.c script. An unauthenticated, remote attacker can exploit this, via crafted serialized data, to the application to stop responding or execute arbitrary code on the target host. (CVE-2016-9936)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.","risk_factor":"High","script_id":"95875","available_languages":["ja_JP","zh_CN","zh_TW","en_US"],"synopsis":"The version of PHP running on the remote web server is affected by a remote code execution vulnerability.","script_name":"PHP 7.0.x \u003c 7.0.14 Multiple Vulnerabilities","language_code":"en_US","supported_sensors":[{"label":"Nessus","value":"nessus"}],"solution":"Upgrade to PHP version 7.0.14 or later.","enable_cgi_scanning":true,"plugin_type":"remote","sensor":"nessus","plugin_publication_date":"2016-12-15T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_temporal_score":8.5,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.5,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"CGI abuses","xrefs":{},"pluginPublicationDate":"12/15/2016","pluginModificationDate":"11/22/2024","locale":"en","availableLocales":["ja","zh-CN","zh-TW","en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":["pluginDetailsConfigurationThoroughTests"],"cvssV2Severity":"High","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1732233600000,"95875"]}],"total":202855,"page":1,"type":"","apiUrl":"https://www.tenable.com/plugins/api/v1/all?sort=updated\u0026page=1\u0026type="},"cookies":{},"user":null,"flash":null,"env":{"baseUrl":"https://www.tenable.com","host":"www.tenable.com","ga4TrackingId":""},"isUnsupportedBrowser":true,"__N_SSP":true},"page":"/plugins/updated","query":{},"buildId":"fGlHUlsrtZ1JnQfd6DHsd","isFallback":false,"isExperimentalCompile":false,"gssp":true,"appGip":true,"locale":"en","locales":["en","de","es","fr","ja","ko","zh-CN","zh-TW"],"defaultLocale":"en","domainLocales":[{"domain":"www.tenable.com","defaultLocale":"en"},{"domain":"de.tenable.com","defaultLocale":"de"},{"domain":"es-la.tenable.com","defaultLocale":"es"},{"domain":"fr.tenable.com","defaultLocale":"fr"},{"domain":"jp.tenable.com","defaultLocale":"ja"},{"domain":"kr.tenable.com","defaultLocale":"ko"},{"domain":"www.tenablecloud.cn","defaultLocale":"zh-CN"},{"domain":"zh-tw.tenable.com","defaultLocale":"zh-TW"}],"scriptLoader":[]}</script></body></html>

CINXE.COM

Recently Updated Plugins | Tenable®