Tenable Tenable Identity Exposure
4 CVEs affecting Tenable Tenable Identity Exposure. Latest disclosed: 2026-06-23. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-3232 | High | 7.6 | 2024-07-16 | A formula injection vulnerability exists in Tenable Identity Exposure where an authenticated remote attacker with administrative privileges could manipulate ap… |
CVE-2026-13007 | High | 7.5 | 2026-06-23 | Tenable Identity Exposure contains multiple unauthenticated API endpoints under /w/api/* that expose sensitive application configuration data including clearte… |
CVE-2025-1091 | Medium | 4.3 | 2025-02-26 | A Broken Authorization schema exists where any authenticated user could download IOA script and configuration files if the URL is known. |
CVE-2025-0760 | Low | 2.7 | 2025-02-26 | A Credential Disclosure vulnerability exists where an administrator could extract the stored SMTP account credentials due to lack of encryption. |