TLS Certificate Verification Bypass in Nessus 6.x before 6.11
CVE-2017-11506 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:N
When linking a Nessus scanner or agent to Tenable.io or other manager, Nessus 6.x before 6.11 does not verify the manager's TLS certificate when making the initial outgoing connection. This could allow man-in-the-middle attacks.
Learn more about our Web Application Penetration Testing UK.