CVE-2019-3962 - OpenCVE

Content Injection vulnerability in Tenable Nessus prior to 8.5.0 may allow an authenticated, local attacker to exploit this vulnerability by convincing another targeted Nessus user to view a malicious URL and use Nessus to send fraudulent messages. Successful exploitation could allow the authenticated adversary to inject arbitrary text into the feed status, which will remain saved post session expiration.

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Tenable	Nessus

Configuration 1 [-]

cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*

References

Link	Resource
http://www.securityfocus.com/bid/109025	Third Party Advisory
https://www.tenable.com/security/tns-2019-04	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: tenable

Published: 2019-07-01T19:39:06

Updated: 2019-07-04T15:06:04

Reserved: 2019-01-03T00:00:00

Link: CVE-2019-3962

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-07-01T20:15:11.820

Modified: 2020-08-24T17:37:01.140

Link: CVE-2019-3962

JSON object: View

Redhat Information

No data.

CWE

CWE-79

{"containers": {"cna": {"affected": [{"product": "Nessus", "vendor": "Tenable", "versions": [{"status": "affected", "version": "All versions prior to 8.5.0"}]}], "descriptions": [{"lang": "en", "value": "Content Injection vulnerability in Tenable Nessus prior to 8.5.0 may allow an authenticated, local attacker to exploit this vulnerability by convincing another targeted Nessus user to view a malicious URL and use Nessus to send fraudulent messages. Successful exploitation could allow the authenticated adversary to inject arbitrary text into the feed status, which will remain saved post session expiration."}], "problemTypes": [{"descriptions": [{"description": "Content Injection", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-07-04T15:06:04", "orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "shortName": "tenable"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.tenable.com/security/tns-2019-04"}, {"name": "109025", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/109025"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vulnreport@tenable.com", "ID": "CVE-2019-3962", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Nessus", "version": {"version_data": [{"version_value": "All versions prior to 8.5.0"}]}}]}, "vendor_name": "Tenable"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Content Injection vulnerability in Tenable Nessus prior to 8.5.0 may allow an authenticated, local attacker to exploit this vulnerability by convincing another targeted Nessus user to view a malicious URL and use Nessus to send fraudulent messages. Successful exploitation could allow the authenticated adversary to inject arbitrary text into the feed status, which will remain saved post session expiration."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Content Injection"}]}]}, "references": {"reference_data": [{"name": "https://www.tenable.com/security/tns-2019-04", "refsource": "CONFIRM", "url": "https://www.tenable.com/security/tns-2019-04"}, {"name": "109025", "refsource": "BID", "url": "http://www.securityfocus.com/bid/109025"}]}}}}, "cveMetadata": {"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "assignerShortName": "tenable", "cveId": "CVE-2019-3962", "datePublished": "2019-07-01T19:39:06", "dateReserved": "2019-01-03T00:00:00", "dateUpdated": "2019-07-04T15:06:04", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*", "matchCriteriaId": "219BAC85-23A1-41D4-9132-848D382D392E", "versionEndExcluding": "8.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Content Injection vulnerability in Tenable Nessus prior to 8.5.0 may allow an authenticated, local attacker to exploit this vulnerability by convincing another targeted Nessus user to view a malicious URL and use Nessus to send fraudulent messages. Successful exploitation could allow the authenticated adversary to inject arbitrary text into the feed status, which will remain saved post session expiration."}, {"lang": "es", "value": "Una vulnerabilidad de inyecci\u00f3n de contenidos en Tenable Nessus en versiones anteriores a la 8.5.0 puede permitir que un atacante local autenticado explote esta vulnerabilidad al convencer a otro usuario de Nessus para que vea una URL maliciosa y use Nessus para enviar mensajes fraudulentos. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al adversario autenticado inyectar texto arbitrario en el estado del feed, que permanecer\u00e1 guardado despu\u00e9s de la expiraci\u00f3n de la sesi\u00f3n."}], "id": "CVE-2019-3962", "lastModified": "2020-08-24T17:37:01.140", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-07-01T20:15:11.820", "references": [{"source": "vulnreport@tenable.com", "tags": ["Third Party Advisory"], "url": "http://www.securityfocus.com/bid/109025"}, {"source": "vulnreport@tenable.com", "tags": ["Vendor Advisory"], "url": "https://www.tenable.com/security/tns-2019-04"}], "sourceIdentifier": "vulnreport@tenable.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}