An Improper Certificate Validation vulnerability exists in Tenable Security Center where an authenticated, privileged attacker could intercept email messages sent from Security Center via a rogue SMTP server.
History

Tue, 10 Dec 2024 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 09 Dec 2024 21:45:00 +0000

Type Values Removed Values Added
Description An Improper Certificate Validation vulnerability exists in Tenable Security Center where an authenticated, privileged attacker could intercept email messages sent from Security Center via a rogue SMTP server.
Weaknesses CWE-295
References
Metrics cvssV3_1

{'score': 2.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: tenable

Published: 2024-12-09T21:38:47.542Z

Updated: 2024-12-10T17:14:03.468Z

Reserved: 2024-12-04T15:35:28.231Z

Link: CVE-2024-12174

cve-icon Vulnrichment

Updated: 2024-12-10T16:08:28.351Z

cve-icon NVD

Status : Received

Published: 2024-12-09T22:15:22.237

Modified: 2024-12-09T22:15:22.237

Link: CVE-2024-12174

cve-icon Redhat

No data.