Vulnerabilities > Tenable > Appliance > 3.10.0

DATE CVE VULNERABILITY TITLE RISK
2018-03-28 CVE-2018-1142 Cross-site Scripting vulnerability in Tenable Appliance
Tenable Appliance versions 4.6.1 and earlier have been found to contain a single XSS vulnerability.
network
tenable CWE-79
3.5
2017-04-21 CVE-2017-8051 OS Command Injection vulnerability in Tenable Appliance
Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a flaw in the simpleupload.py script in the Web UI.
network
low complexity
tenable CWE-78
critical
10.0
2017-04-21 CVE-2017-8050 Unspecified vulnerability in Tenable Appliance
Tenable Appliance 4.4.0, and possibly prior, contains a flaw in the Web UI that allows for the unauthorized manipulation of the admin password.
network
low complexity
tenable
5.0