When linking a Nessus scanner or agent to Tenable.io or other manager, Nessus 6.x before 6.11 does not verify the manager's TLS certificate when making the initial outgoing connection. This could allow man-in-the-middle attacks.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: tenable
Published: 2017-08-09T12:00:00Z
Updated: 2024-09-17T03:34:29.415Z
Reserved: 2017-07-21T00:00:00
Link: CVE-2017-11506
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-08-09T12:29:00.257
Modified: 2024-11-21T03:07:54.493
Link: CVE-2017-11506
Redhat
No data.