CVE-2019-3962 - OpenCVE

Content Injection vulnerability in Tenable Nessus prior to 8.5.0 may allow an authenticated, local attacker to exploit this vulnerability by convincing another targeted Nessus user to view a malicious URL and use Nessus to send fraudulent messages. Successful exploitation could allow the authenticated adversary to inject arbitrary text into the feed status, which will remain saved post session expiration.

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Tenable	Nessus

Configuration 1 [-]

cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/109025
https://www.tenable.com/security/tns-2019-04

History

No history.

MITRE

Status: PUBLISHED

Assigner: tenable

Published: 2019-07-01T19:39:06

Updated: 2024-08-04T19:26:27.620Z

Reserved: 2019-01-03T00:00:00

Link: CVE-2019-3962

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2019-07-01T20:15:11.820

Modified: 2020-08-24T17:37:01.140

Link: CVE-2019-3962

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Nessus", "vendor": "Tenable", "versions": [{"status": "affected", "version": "All versions prior to 8.5.0"}]}], "descriptions": [{"lang": "en", "value": "Content Injection vulnerability in Tenable Nessus prior to 8.5.0 may allow an authenticated, local attacker to exploit this vulnerability by convincing another targeted Nessus user to view a malicious URL and use Nessus to send fraudulent messages. Successful exploitation could allow the authenticated adversary to inject arbitrary text into the feed status, which will remain saved post session expiration."}], "problemTypes": [{"descriptions": [{"description": "Content Injection", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-07-04T15:06:04", "orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "shortName": "tenable"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.tenable.com/security/tns-2019-04"}, {"name": "109025", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/109025"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vulnreport@tenable.com", "ID": "CVE-2019-3962", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Nessus", "version": {"version_data": [{"version_value": "All versions prior to 8.5.0"}]}}]}, "vendor_name": "Tenable"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Content Injection vulnerability in Tenable Nessus prior to 8.5.0 may allow an authenticated, local attacker to exploit this vulnerability by convincing another targeted Nessus user to view a malicious URL and use Nessus to send fraudulent messages. Successful exploitation could allow the authenticated adversary to inject arbitrary text into the feed status, which will remain saved post session expiration."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Content Injection"}]}]}, "references": {"reference_data": [{"name": "https://www.tenable.com/security/tns-2019-04", "refsource": "CONFIRM", "url": "https://www.tenable.com/security/tns-2019-04"}, {"name": "109025", "refsource": "BID", "url": "http://www.securityfocus.com/bid/109025"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T19:26:27.620Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.tenable.com/security/tns-2019-04"}, {"name": "109025", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/109025"}]}]}, "cveMetadata": {"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "assignerShortName": "tenable", "cveId": "CVE-2019-3962", "datePublished": "2019-07-01T19:39:06", "dateReserved": "2019-01-03T00:00:00", "dateUpdated": "2024-08-04T19:26:27.620Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*", "matchCriteriaId": "219BAC85-23A1-41D4-9132-848D382D392E", "versionEndExcluding": "8.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Content Injection vulnerability in Tenable Nessus prior to 8.5.0 may allow an authenticated, local attacker to exploit this vulnerability by convincing another targeted Nessus user to view a malicious URL and use Nessus to send fraudulent messages. Successful exploitation could allow the authenticated adversary to inject arbitrary text into the feed status, which will remain saved post session expiration."}, {"lang": "es", "value": "Una vulnerabilidad de inyecci\u00f3n de contenidos en Tenable Nessus en versiones anteriores a la 8.5.0 puede permitir que un atacante local autenticado explote esta vulnerabilidad al convencer a otro usuario de Nessus para que vea una URL maliciosa y use Nessus para enviar mensajes fraudulentos. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al adversario autenticado inyectar texto arbitrario en el estado del feed, que permanecer\u00e1 guardado despu\u00e9s de la expiraci\u00f3n de la sesi\u00f3n."}], "id": "CVE-2019-3962", "lastModified": "2020-08-24T17:37:01.140", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-07-01T20:15:11.820", "references": [{"source": "vulnreport@tenable.com", "tags": ["Third Party Advisory"], "url": "http://www.securityfocus.com/bid/109025"}, {"source": "vulnreport@tenable.com", "tags": ["Vendor Advisory"], "url": "https://www.tenable.com/security/tns-2019-04"}], "sourceIdentifier": "vulnreport@tenable.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}