Lucene search
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.NNM_6_3_1.NASLHistoryNov 30, 2023 - 12:00 a.m.
Nessus Network Monitor < 6.3.1 Multiple Vulnerabilities (TNS-2023-43)
2023-11-3000:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
nessus
network monitor
vulnerabilities
handlebarsjs
openssl
jquery-file-upload
upgrade
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
AI Score
Confidence
High
0.967 High
EPSS
Percentile
99.7%
According to its self-reported version, the Nessus Network Monitor running on the remote host is prior to 6.3.1. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-43 advisory.
- Nessus Network Monitor leverages third-party software to help provide underlying functionality. Several of the third-party components (HandlebarsJS, OpenSSL, and jquery-file-upload)were found to contain vulnerabilities, and updated versions have been made available by the providers.Out of caution and in line with best practice, Tenable has opted to upgrade these components to address the potential impact of the issues. Nessus Network Monitor 6.3.1 updates HandlebarsJS to version 4.7.8, OpenSSL to version 3.0.12, and jquery-file-upload to version 10.8.0. Tenable has released Nessus Network Monitor 6.3.1 to address these issues. The installation files can be obtained from the Tenable Downloads Portal (https://www.tenable.com/downloads/nessus-network-monitor). (CVE-2018-9206, CVE-2021-23369, CVE-2021-23383, CVE-2023-5363)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(186472);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/12/19");
script_cve_id(
"CVE-2018-9206",
"CVE-2021-23369",
"CVE-2021-23383",
"CVE-2023-5363"
);
script_name(english:"Nessus Network Monitor < 6.3.1 Multiple Vulnerabilities (TNS-2023-43)");
script_set_attribute(attribute:"synopsis", value:
"An instance of Tenable NNM installed on the remote system is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"According to its self-reported version, the Nessus Network Monitor running on the remote host is prior to 6.3.1. It is,
therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-43 advisory.
- Nessus Network Monitor leverages third-party software to help provide underlying functionality. Several of
the third-party components (HandlebarsJS, OpenSSL, and jquery-file-upload)were found to contain
vulnerabilities, and updated versions have been made available by the providers.Out of caution and in line
with best practice, Tenable has opted to upgrade these components to address the potential impact of the
issues. Nessus Network Monitor 6.3.1 updates HandlebarsJS to version 4.7.8, OpenSSL to version 3.0.12, and
jquery-file-upload to version 10.8.0. Tenable has released Nessus Network Monitor 6.3.1 to address these
issues. The installation files can be obtained from the Tenable Downloads Portal
(https://www.tenable.com/downloads/nessus-network-monitor). (CVE-2018-9206, CVE-2021-23369,
CVE-2021-23383, CVE-2023-5363)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://www.tenable.com/security/TNS-2023-43");
script_set_attribute(attribute:"solution", value:
"Upgrade to Nessus Network Monitor 6.3.1 or later.");
script_set_attribute(attribute:"agent", value:"all");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-23383");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"d2_elliot_name", value:"jQuery File Upload");
script_set_attribute(attribute:"exploit_framework_d2_elliot", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'blueimps jQuery (Arbitrary) File Upload');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
script_set_attribute(attribute:"canvas_package", value:"CANVAS");
script_set_attribute(attribute:"vendor_severity", value:"Critical");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/10/09");
script_set_attribute(attribute:"patch_publication_date", value:"2023/11/29");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/11/30");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:tenable:nnm");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("nnm_installed_win.nbin", "nnm_installed_nix.nbin");
script_require_keys("installed_sw/Tenable NNM", "Host/nnm_installed");
exit(0);
}
include('vcf.inc');
var app_name = 'Tenable NNM';
var app_info = vcf::get_app_info(app:app_name);
vcf::check_granularity(app_info:app_info, sig_segments:3);
var constraints = [
{ 'max_version' : '6.3.0', 'fixed_version' : '6.3.1' }
];
vcf::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_HOLE
);
Related
openvas
openvas
nessus
nessus
RHEL 6 : nodejs-handlebars (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 7 : nodejs-handlebars (Unpatched Vulnerability)
2024-05-11 00:00:00
HandlebarsJS < 4.7.7 Multiple Vulnerabilities
2023-10-24 00:00:00
ibm
ibm
redhat
redhat
(RHSA-2021:2500) Moderate: Red Hat OpenShift Enterprise security and bug fix update
2021-06-29 06:20:36
(RHSA-2024:0310) Moderate: openssl security update
2024-01-22 01:04:54
(RHSA-2024:0500) Moderate: openssl security update
2024-01-25 16:25:40
packetstorm
packetstorm
Blueimp jQuery File Upload 9.22.0 Arbitrary File Upload
2019-01-17 00:00:00
blueimp jQuery Arbitrary File Upload
2018-11-05 00:00:00
github
github
Unrestricted Upload of File with Dangerous Type in blueimp-file-upload
2018-10-22 18:53:56
Remote code execution in handlebars when compiling templates
2021-05-06 15:57:44
Prototype Pollution in handlebars
2022-02-10 23:51:42
ubuntucve
ubuntucve
debiancve
debiancve
prion
prion
Code injection
2021-05-04 09:15:00
Remote code execution
2021-04-12 14:15:00
Design/Logic Flaw
2018-10-11 15:29:00
cve
cve
redhatcve
redhatcve
osv
osv
canvas
canvas
Immunity Canvas: JQUERY_FILE_UPLOAD
2018-10-11 15:29:00
exploitpack
exploitpack
jQuery-File-Upload 9.22.0 - Arbitrary File Upload
2018-10-11 00:00:00
Blueimps jQuery File Upload 9.22.0 - Arbitrary File Upload Exploit
2019-01-16 00:00:00
wpvulndb
wpvulndb
Tajer - Unauthenticated Arbitrary File Upload
2018-10-15 00:00:00
Art-Picture-Gallery <= 1.2.9 - Unauthenticated Arbitrary File Upload
2020-04-02 00:00:00
veracode
veracode
Prototype Pollution
2021-05-05 01:32:58
Prototype Pollution
2021-04-13 05:39:51
Arbitrary File Upload
2018-10-12 02:43:31
nvd
nvd
wpexploit
wpexploit
Art-Picture-Gallery <= 1.2.9 - Unauthenticated Arbitrary File Upload
2020-04-02 00:00:00
Tajer - Unauthenticated Arbitrary File Upload
2018-10-15 00:00:00
cvelist
cvelist
CVE-2018-9206
2018-10-11 15:00:00
CVE-2021-23369 Remote Code Execution (RCE)
2021-04-12 00:00:00
CVE-2021-23383 Prototype Pollution
2021-05-04 00:00:00
threatpost
threatpost
Thousands of Applications Vulnerable to RCE via jQuery File Upload
2018-10-23 12:31:06
patchstack
patchstack
nodejs
nodejs
Remote code execution when compiling templates
2021-05-06 16:14:21
kitploit
kitploit
zdt
zdt
blueimp jQuery Arbitrary File Upload Exploit
2018-11-05 00:00:00
dsquare
dsquare
jQuery File Upload
2018-10-18 00:00:00
checkpoint_advisories
checkpoint_advisories
Blueimp jQuery File Upload Remote Code Execution (CVE-2018-9206)
2018-11-01 00:00:00
metasploit
metasploit
blueimp's jQuery (Arbitrary) File Upload
2018-10-23 04:35:42
exploitdb
exploitdb
Blueimp's jQuery File Upload 9.22.0 - Arbitrary File Upload Exploit
2019-01-16 00:00:00
jQuery-File-Upload 9.22.0 - Arbitrary File Upload
2018-10-11 00:00:00
blueimp's jQuery 9.22.0 - (Arbitrary) File Upload (Metasploit)
2018-11-06 00:00:00
almalinux
almalinux
Moderate: openssl security update
2024-01-22 00:00:00
alpinelinux
alpinelinux
CVE-2023-5363
2023-10-25 18:17:43
openssl
openssl
Vulnerability in OpenSSL CVE-2023-5363
2023-10-24 00:00:00
freebsd
freebsd
OpenSSL -- potential loss of confidentiality
2023-10-24 00:00:00
mageia
mageia
Updated quictls packages fix a security vulnerability
2023-11-12 03:44:53
Updated openssl packages fix a security vulnerability
2023-11-09 15:55:51
cgr
cgr
CVE-2023-5363 vulnerabilities
2024-05-19 03:07:16
debian
debian
[SECURITY] [DSA 5532-1] openssl security update
2023-10-24 19:19:01
oraclelinux
oraclelinux
openssl security update
2024-01-22 00:00:00
openssl security update
2024-01-25 00:00:00
f5
f5
K000138177 : OpenSSL vulnerability CVE-2023-5363
2024-01-10 00:00:00
wolfi
wolfi
CVE-2023-5363 vulnerabilities
2024-06-18 09:08:19
redos
redos
ROS-20231110-02
2023-11-10 00:00:00
ROS-20240409-06
2024-04-09 00:00:00
ROS-20231109-01
2023-11-09 00:00:00
rubygems
rubygems
Remote code execution in handlebars when compiling templates
2021-04-11 21:00:00
Prototype Pollution in handlebars
2021-05-03 21:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-5.0-0124
2023-10-24 00:00:00
Important Photon OS Security Update - PHSA-2023-4.0-0496
2023-10-25 00:00:00
cloudfoundry
cloudfoundry
USN-6450-1: OpenSSL vulnerabilities | Cloud Foundry
2023-11-09 00:00:00
ubuntu
ubuntu
OpenSSL vulnerabilities
2023-10-24 00:00:00
aix
aix
impervablog
impervablog
CrimeOps of the KashmirBlack Botnet – Part II
2020-10-22 18:55:05
ics
ics
Siemens SIMATIC RTLS Locating Manager
2024-05-16 12:00:00
hp
hp
HP Device Manager Vulnerability Update (5.0.12)
2024-01-26 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00
Oracle Critical Patch Update Advisory - January 2019
2019-01-15 00:00:00
Oracle Critical Patch Update Advisory - January 2024
2024-01-16 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
AI Score
Confidence
High
0.967 High
EPSS
Percentile
99.7%
Related for NNM_6_3_1.NASL