Tenable Security Center: Improper Privilege Management (CVE-2024-5759)
CVE-2024-5759 Published on June 12, 2024

Improper privilege management
An improper privilege management vulnerability exists in Tenable Security Center where an authenticated, remote attacker could view unauthorized objects and launch scans without having the required privileges

NVD

Vulnerability Analysis

CVE-2024-5759 can be exploited with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity, and a small impact on availability.

Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
LOW
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
LOW
Integrity Impact:
NONE
Availability Impact:
LOW

Weakness Type

Improper Privilege Management

The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.


Products Associated with CVE-2024-5759

Want to know whenever a new CVE is published for Tenable Security Center? stack.watch will email you.

Tenable Security Center
 

Affected Versions

Tenable Security Center: tenable security_center:

Exploit Probability

EPSS
0.64%
Percentile
70.24%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.