📦

security_center

Vendor: tenable

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 1 Remote Access

Total CVEs 8 Total Indexed

Avg. EPSS 1.05% Exploit Prob.

Latest CVE CVE-2026-2698 Feb 23

Security Vulnerability Index

Page 1 / 1

5.7 CVSS

CVE-2026-2698

An improper access control vulnerability exists where an authenticated user could access areas outside of their authorized scope.

EPSS: 0.04%

Severity: MEDIUM

Feb 23, 2026

2.1 CVSS

CVE-2026-2697

An Indirect Object Reference (IDOR) in Security Center allows an authenticated remote attacker to escalate privileges via the 'owner' parameter.

EPSS: 0.15%

Severity: LOW

Feb 23, 2026

5.4 CVSS

CVE-2024-5759

An improper privilege management vulnerability exists in Tenable Security Center where an authenticated, remote attacker could view unauthorized objects and launch scans without having the required privileges

EPSS: 0.64%

Severity: MEDIUM

Jun 12, 2024

3.5 CVSS

CVE-2024-1891

A stored cross site scripting vulnerability exists in Tenable Security Center where an authenticated, remote attacker could inject HTML code into a web application scan result page.

EPSS: 0.21%

Severity: LOW

Jun 12, 2024

5.9 CVSS

CVE-2024-1471

An HTML injection vulnerability exists where an authenticated, remote attacker with administrator privileges on the Security Center application could modify Repository parameters, which could lead to HTML redirection attacks.

EPSS: 0.16%

Severity: MEDIUM

Feb 14, 2024

7.2 CVSS

CVE-2024-1367

RCE

A command injection vulnerability exists where an authenticated, remote attacker with administrator privileges on the Security Center application could modify Logging parameters, which could lead to the execution of arbitrary code on the Security Center host.

EPSS: 5.10%

Severity: HIGH

Feb 14, 2024

Displaying 6 of 8 Total Entries

Total 1 Sections