Home

CVE-2017-2122

Description

Cross-site scripting vulnerability in Nessus versions 6.8.0, 6.8.1, 6.9.0, 6.9.1 and 6.9.2 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.

Risk Information

Base Score
5.4
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
0.2

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2017-11506,CVE-2017-2122,CVE-2017-7199 are affected in Nessus Agent (x64) 6.8.0Windows
Multiple Vulnerabilities are affected in Nessus Agent (x64) 6.8.1Windows
Vulnerabilities CVE-2017-11506,CVE-2017-2122,CVE-2017-7199 are affected in Nessus Agent (x64) 6.9.0Windows
Vulnerabilities CVE-2017-11506,CVE-2017-2122,CVE-2017-7199 are affected in Nessus Agent (x64) 6.9.1Windows
Vulnerabilities CVE-2017-11506,CVE-2017-2122,CVE-2017-5179,CVE-2017-7199 are affected in Nessus Agent (x64) 6.9.2Windows
Vulnerabilities CVE-2017-11506,CVE-2017-2122,CVE-2017-7199 are affected in Nessus Agent 6.8.0Windows
Multiple Vulnerabilities are affected in Nessus Agent 6.8.1Windows
Vulnerabilities CVE-2017-11506,CVE-2017-2122,CVE-2017-7199 are affected in Nessus Agent 6.9.0Windows
Vulnerabilities CVE-2017-11506,CVE-2017-2122,CVE-2017-7199 are affected in Nessus Agent 6.9.1Windows
Vulnerabilities CVE-2017-11506,CVE-2017-2122,CVE-2017-5179,CVE-2017-7199 are affected in Nessus Agent 6.9.2Windows
Vulnerabilities CVE-2017-5179,CVE-2017-2122 are fixed in Nessus 6.9.3Windows
Vulnerabilities CVE-2017-5179,CVE-2017-2122 are fixed in Tenable Nessus 6.9.3Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-343100Nessus Agent (x64) (10.8.0)
PATCH-343100Nessus Agent (x64) (10.8.0)
PATCH-343100Nessus Agent (x64) (10.8.0)
PATCH-343100Nessus Agent (x64) (10.8.0)
PATCH-343100Nessus Agent (x64) (10.8.0)
PATCH-343099Nessus Agent (10.8.0)
PATCH-343099Nessus Agent (10.8.0)
PATCH-343099Nessus Agent (10.8.0)
PATCH-343099Nessus Agent (10.8.0)
PATCH-343099Nessus Agent (10.8.0)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234