Tenable Nessus Network Monitor — known CVE vulnerabilities
Every CVE whose affected-product data names Tenable Nessus Network Monitor, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2021-3711 — CVSS 9.8 (critical): In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application…
CVE-2024-9158 — CVSS 8.4 (high): A stored cross site scripting vulnerability exists in Nessus Network Monitor where an authenticated, privileged local attacker could inject…
CVE-2020-5794 — CVSS 7.8 (high): A vulnerability in Nessus Network Monitor versions 5.11.0, 5.11.1, and 5.12.0 for Windows could allow an authenticated local attacker to…
CVE-2025-24917 — CVSS 7.8 (high): In Tenable Network Monitor versions prior to 6.5.1 on a Windows host, it was found that a non-administrative user could stage files in a…
CVE-2021-23840 — CVSS 7.5 (high): Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input…
CVE-2021-3712 — CVSS 7.4 (high): ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a…
CVE-2021-3450 — CVSS 7.4 (high): The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by…
CVE-2023-5624 — CVSS 7.2 (high): Under certain conditions, Nessus Network Monitor was found to not properly enforce input validation. This could allow an admin user to…
CVE-2023-5622 — CVSS 7.1 (high): Under certain conditions, Nessus Network Monitor could allow a low privileged user to escalate privileges to NT AUTHORITY\SYSTEM on Windows…
CVE-2023-5623 — CVSS 7.0 (high): NNM failed to properly set ACLs on its installation directory, which could allow a low privileged user to run arbitrary code with SYSTEM…
CVE-2025-24916 — CVSS 7.0 (high): When installing Tenable Network Monitor to a non-default location on a Windows host, Tenable Network Monitor versions prior to 6.5.1 did…
CVE-2020-1971 — CVSS 5.9 (medium): The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName…
CVE-2021-3449 — CVSS 5.9 (medium): An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation…
CVE-2021-23841 — CVSS 5.9 (medium): The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number…