- Home
- CVEs with nessus.description==According to its self-reported version, the Tenable Nessus application running on the remote host is 8.x prior to 8.1.1. It is, therefore, affected by multiple vulnerabilities:
- Tenable Nessus contains a flaw in the bundled third-party component OpenSSL library's DSA signature algorithm that renders it vulnerable to a timing side channel attack.
An attacker could leverage this vulnerability to recover the private key. (CVE-2018-0734)
- Tenable Nessus contains a flaw in the bundled third-party component OpenSSL library's Simultaneous Multithreading (SMT) architectures which render it vulnerable to side-channel leakage. This issue is known as 'PortSmash'. An attacker could possibly use this issue to perform a timing side-channel attack and recover private keys. (CVE-2018-5407)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top