CVE-2024-12174

CVSS 3.1 Score 2.7 of 10 (low)

Details

Published Dec 9, 2024
CWE ID 295

Summary

CVE-2024-12174 is an Improper Certificate Validation vulnerability affecting Tenable Security Center. This issue allows authenticated, privileged attackers to intercept email messages sent from Security Center by using a rogue SMTP server. The vulnerability enables unauthorized access to sensitive email communications, potentially compromising security information. Attackers can exploit this weakness to gain valuable insights into an organization's security posture and potentially launch further attacks. It is crucial for organizations using Tenable Security Center to address this vulnerability promptly to prevent email interception and potential security breaches.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share