CVE-2024-1367 — Vulnetix

Try Vulnetix Request Demo

CVE-2024-1367 PUBLISHED CVSS 7.199999809265137 HIGH

A command injection vulnerability exists where an authenticated, remote attacker with administrator privileges on the Security Center application could modify Logging parameters, which could lead to the execution of arbitrary code on the Security Center host.

EPSS 5.10% · 89.8th percentile

Risk Scores

CVSS v3.1

7.199999809265137

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS Score

5.10%

89.8th percentile

Affected Products

Vendor	Product	Versions
Tenable	Security Center	0
tenable	security_center	0

Timeline

Feb 14, 2024 CVE Published
Feb 15, 2024 EPSS Score
Mar 12, 2024 EPSS Score
Apr 8, 2024 EPSS Score
May 30, 2024 EPSS Score
Jun 26, 2024 EPSS Score
Jul 22, 2024 EPSS Score
Aug 21, 2024 EPSS Score
Oct 4, 2024 Coalition ESS Score
Oct 13, 2024 EPSS Score
Nov 8, 2024 EPSS Score
Nov 9, 2024 Coalition ESS Score

References

https://www.tenable.com/security/tns-2024-02 url
https://www.tenable.com/security/tns-2024-06 advisory
https://nvd.nist.gov/vuln/detail/CVE-2024-1367 advisory

Open in Interactive Console →