CVE-2024-1471 — Vulnetix

CVE-2024-1471 PUBLISHED CVSS 5.900000095367432 MEDIUM

An HTML injection vulnerability exists where an authenticated, remote attacker with administrator privileges on the Security Center application could modify Repository parameters, which could lead to HTML redirection attacks.

EPSS 0.16% · 36.2th percentile

Risk Scores

CVSS 3.1

5.900000095367432

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L

EPSS Score

0.16%

36.2th percentile

Affected Products

Vendor	Product	Versions
tenable	security_center	0, 0
Tenable	Security Center	0, 0

Exploit Intelligence

CIRCL seen: CVE-2024-1471 (circl-sighting)
https://www.tenable.com/security/tns-2024-02 (circl)

Timeline

Feb 14, 2024 CVE Published
Feb 14, 2024 PoC Published
Feb 15, 2024 EPSS Score
Mar 13, 2024 EPSS Score
Apr 9, 2024 EPSS Score
May 6, 2024 EPSS Score
Jun 1, 2024 EPSS Score
Jun 29, 2024 EPSS Score
Jul 26, 2024 EPSS Score
Aug 26, 2024 EPSS Score
Sep 22, 2024 EPSS Score
Oct 4, 2024 Coalition ESS Score

References

https://www.tenable.com/security/tns-2024-02 advisory
https://nvd.nist.gov/vuln/detail/CVE-2024-1471 advisory

Open in Interactive Console →