Vulnerabilities > CVE-2021-20076 - Deserialization of Untrusted Data vulnerability in Tenable Tenable.Sc 5.14.0/5.14.1/5.17.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability that could allow an authenticated, unprivileged user to perform Remote Code Execution (RCE) on the Tenable.sc server via Hypertext Preprocessor unserialization.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |