cvedb.io
CVE-2017-11508
HIGH · CVSS 8.8
EPSS exploitation probability: 0%
Published 2017-11-02T17:29:00.197 · Last modified 2026-06-17T01:01:54.950

Summary

SecurityCenter versions 5.5.0, 5.5.1 and 5.5.2 contain a SQL Injection vulnerability that could be exploited by an authenticated user with sufficient privileges to run diagnostic scans. An attacker could exploit this vulnerability by entering a crafted SQL query into the password field of a diagnostic scan within SecurityCenter. Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access.

Affected products

tenable — securitycenter

Does this affect you?

Add your gear to cvedb and we'll alert you only when tenable ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.