cvedb.io
CVE-2024-9158
HIGH · CVSS 8.4
EPSS exploitation probability: 0%
Published 2024-09-30T17:15:05.407 · Last modified 2026-06-17T08:24:03.913

Summary

A stored cross site scripting vulnerability exists in Nessus Network Monitor where an authenticated, privileged local attacker could inject arbitrary code into the NNM UI via the local CLI.

Affected products

tenable — nessus_network_monitor

Does this affect you?

Add your gear to cvedb and we'll alert you only when tenable ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.