CVE-2017-11506

When linking a Nessus scanner or agent to Tenable.io or other manager, Nessus 6.x before 6.11 does not verify the manager's TLS certificate when making the initial outgoing connection. This could allow man-in-the-middle attacks.
References
Link Resource
https://www.tenable.com/security/tns-2017-11 Vendor Advisory
http://www.securitytracker.com/id/1039141 Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:tenable:nessus:6.1.1:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.1.2:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.2.0:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.2.1:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.5.1:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.5.2:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.5.3:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.5.4:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.10.9:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.10.8:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.10.7:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.6.0:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.5.5:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.3.1:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.7.0:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.4.1:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.3.4:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.9.2:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.8.1:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.3.3:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.5.0:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.3.2:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.3.6:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.8.0:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.9.0:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.6.2:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.10.5:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.4.3:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.10.0:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.10.6:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.3.0:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.3.7:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.6.1:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.9.1:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.5.6:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.10.4:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.10.3:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.1.0:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.10.1:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.4.2:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.9.3:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.10.2:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.3.5:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:6.4.0:*:*:*:*:*:*:*

Information

Published : 2017-08-09 05:29

Updated : 2017-08-24 09:28


NVD link : CVE-2017-11506

Mitre link : CVE-2017-11506


JSON object : View

CWE
CWE-295

Improper Certificate Validation

Advertisement

dedicated server usa

Products Affected

tenable

  • nessus