Remote Code Execution (RCE) via Hypertext Preprocessor Unserialization in Tenable.sc and Tenable.sc Core versions 5.13.0 - 5.17.0

Remote Code Execution (RCE) via Hypertext Preprocessor Unserialization in Tenable.sc and Tenable.sc Core versions 5.13.0 - 5.17.0

CVE-2021-20076 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability that could allow an authenticated, unprivileged user to perform Remote Code Execution (RCE) on the Tenable.sc server via Hypertext Preprocessor unserialization.

Learn more about our Cis Benchmark Audit For Server Software.