Tenable Security Center
10 CVEs affecting Tenable Security Center. Latest disclosed: 2026-02-23. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-2630 | High | 8.8 | 2026-02-17 | A Command Injection vulnerability exists where an authenticated, remote attacker could execute arbitrary code on the underlying server where Tenable Security C… |
CVE-2024-1367 | High | 7.2 | 2024-02-14 | A command injection vulnerability exists where an authenticated, remote attacker with administrator privileges on the Security Center application could modify… |
CVE-2026-2698 | Medium | 6.5 | 2026-02-23 | An improper access control vulnerability exists where an authenticated user could access areas outside of their authorized scope. |
CVE-2026-2697 | Medium | 6.3 | 2026-02-23 | An Indirect Object Reference (IDOR) in Security Center allows an authenticated remote attacker to escalate privileges via the 'owner' parameter. |
CVE-2023-2005 | Medium | 6.3 | 2023-06-26 | Vulnerability in Tenable Tenable.Io, Tenable Nessus, Tenable Security Center.This issue affects Tenable.Io: before Plugin Feed ID #202306261202 ; Nessus: befor… |
CVE-2024-1471 | Medium | 5.9 | 2024-02-14 | An HTML injection vulnerability exists where an authenticated, remote attacker with administrator privileges on the Security Center application could modify R… |
CVE-2024-5759 | Medium | 5.4 | 2024-06-12 | An improper privilege management vulnerability exists in Tenable Security Center where an authenticated, remote attacker could view unauthorized objects and la… |
CVE-2025-36636 | Medium | 4.3 | 2025-10-08 | In Tenable Security Center versions prior to 6.7.0, an improper access control vulnerability exists where an authenticated user could access areas outside of t… |
CVE-2024-1891 | Low | 3.5 | 2024-06-12 | A stored cross site scripting vulnerability exists in Tenable Security Center where an authenticated, remote attacker could inject HTML code into a web applica… |
CVE-2024-12174 | Low | 2.7 | 2024-12-09 | An Improper Certificate Validation vulnerability exists in Tenable Security Center where an authenticated, privileged attacker could intercept email messages s… |