Description
Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a flaw in the simpleupload.py script in the Web UI. Through the manipulation of the tns_appliance_session_user parameter, a remote attacker can inject arbitrary commands.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
No history.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-09-16T22:56:34.454Z
Reserved: 2017-04-21T00:00:00.000Z
Link: CVE-2017-8051
No data.
Status : Modified
Published: 2017-04-21T18:59:00.317
Modified: 2026-06-17T01:25:41.750
Link: CVE-2017-8051
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')