[R1] Nessus Network Monitor 6.0.1 Fixes Multiple Third-party Vulnerabilities

Read Time:31 Second

[R1] Nessus Network Monitor 6.0.1 Fixes Multiple Third-party Vulnerabilities
Arnie Cabral
Mon, 05/09/2022 – 17:04

Nessus Network Monitor leverages third-party software to help provide underlying functionality. Several third-party components (OpenSSL and jQuery UI) were found to contain vulnerabilities, and updated versions have been made available by the providers.

Out of caution and in line with best practice, Tenable opted to upgrade the bundled components to address the potential impact of these issues. Nessus Network Monitor 6.0.1 updates OpenSSL to version 1.1.1n and jQueryUI to 1.13.0 to address the identified vulnerabilities.

Read More

CVE-2021-20479

Read Time:11 Second

IBM Cloud Pak System 2.3.0 through 2.3.3.3 Interim Fix 1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 197498.

Read More

CVE-2019-25060

Read Time:13 Second

The WPGraphQL WordPress plugin before 0.3.5 doesn’t properly restrict access to information about other users’ roles on the affected site. Because of this, a remote attacker could forge a GraphQL query to retrieve the account roles of every user on the site.

Read More