Vulnerabilities > Tenable > Appliance > 4.1.0

DATE CVE VULNERABILITY TITLE RISK
2018-03-28 CVE-2018-1142 Cross-site Scripting vulnerability in Tenable Appliance
Tenable Appliance versions 4.6.1 and earlier have been found to contain a single XSS vulnerability.
network
low complexity
tenable CWE-79
5.4
5.4
2017-04-21 CVE-2017-8051 OS Command Injection vulnerability in Tenable Appliance
Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a flaw in the simpleupload.py script in the Web UI.
network
low complexity
tenable CWE-78
critical
 9.8
9.8
2017-04-21 CVE-2017-8050 Unspecified vulnerability in Tenable Appliance
Tenable Appliance 4.4.0, and possibly prior, contains a flaw in the Web UI that allows for the unauthorized manipulation of the admin password.
network
low complexity
tenable
7.5
7.5