CVE-2024-12174
CVSS 3.1 Score 2.7 of 10 (low)
Details
Summary
CVE-2024-12174 is an Improper Certificate Validation vulnerability affecting Tenable Security Center. This issue allows authenticated, privileged attackers to intercept email messages sent from Security Center by using a rogue SMTP server. The vulnerability enables unauthorized access to sensitive email communications, potentially compromising security information. Attackers can exploit this weakness to gain valuable insights into an organization's security posture and potentially launch further attacks. It is crucial for organizations using Tenable Security Center to address this vulnerability promptly to prevent email interception and potential security breaches.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.