Nessus Network Monitor Security Update Advisory (CVE-2024-9158)

Oct 08 2024

Overview

An update has been released to address vulnerabilities in Nessus Network Monitor. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2024-9158

Nessus Network Monitor versions: ~ 6.5.0 (excluded)

Resolved Vulnerabilities

A stored XSS vulnerability (CVE-2024-9158) allows authenticated, privileged local attackers to inject arbitrary code into the NNM UI via the local CLI

Vulnerability Patches

The following product-specific Vulnerability Patches have been made available with the latest update. If you are using an affected version, Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-9158

Nessus Network Monitor version: 6.5.0

References

[1] CVE-2024-9158 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-9158

[2] [R1] Nessus Network Monitor 6.5.0 Fixes Multiple Vulnerabilities

https://www.tenable.com/security/tns-2024-17

Nessus Network Monitor Security Update Advisory (CVE-2024-9158)

Microsoft Edge browser (129.0.2792.79) version security update advisory

Redis Vulnerability Security Update Advisory (CVE-2024-31449)

Tags:

Microsoft Edge browser (129.0.2792.79) version security update advisory

Redis Vulnerability Security Update Advisory (CVE-2024-31449)