Vulnerability Database

300,444

Total vulnerabilities in the database

CVE-2017-11506

When linking a Nessus scanner or agent to Tenable.io or other manager, Nessus 6.x before 6.11 does not verify the manager's TLS certificate when making the initial outgoing connection. This could allow man-in-the-middle attacks.

  • Published: Aug 9, 2017
  • Updated: Nov 9, 2025
  • CVE: CVE-2017-11506
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
tenable / nessus 6.3.7 6.3.7.x
tenable / nessus 6.10.7 6.10.7.x
tenable / nessus 6.6.1 6.6.1.x
tenable / nessus 6.10.9 6.10.9.x
tenable / nessus 6.5.3 6.5.3.x
tenable / nessus 6.9.1 6.9.1.x
tenable / nessus 6.5.6 6.5.6.x
tenable / nessus 6.10.4 6.10.4.x
tenable / nessus 6.6.0 6.6.0.x
tenable / nessus 6.1.2 6.1.2.x
tenable / nessus 6.5.5 6.5.5.x
tenable / nessus 6.0.2 6.0.2.x
tenable / nessus 6.3.1 6.3.1.x
tenable / nessus 6.2.1 6.2.1.x
tenable / nessus 6.10.3 6.10.3.x
tenable / nessus 6.1.0 6.1.0.x
tenable / nessus 6.5.4 6.5.4.x
tenable / nessus 6.7.0 6.7.0.x
tenable / nessus 6.4.1 6.4.1.x
tenable / nessus 6.10.1 6.10.1.x
tenable / nessus 6.4.2 6.4.2.x
tenable / nessus 6.3.4 6.3.4.x
tenable / nessus 6.9.3 6.9.3.x
tenable / nessus 6.10.8 6.10.8.x
tenable / nessus 6.9.2 6.9.2.x
tenable / nessus 6.8.1 6.8.1.x
tenable / nessus 6.3.3 6.3.3.x
tenable / nessus 6.5.0 6.5.0.x
tenable / nessus 6.3.2 6.3.2.x
tenable / nessus 6.10.2 6.10.2.x
tenable / nessus 6.3.6 6.3.6.x
tenable / nessus 6.8.0 6.8.0.x
tenable / nessus 6.5.1 6.5.1.x
tenable / nessus 6.9.0 6.9.0.x
tenable / nessus 6.2.0 6.2.0.x
tenable / nessus 6.0.0 6.0.0.x
tenable / nessus 6.6.2 6.6.2.x
tenable / nessus 6.10.5 6.10.5.x
tenable / nessus 6.1.1 6.1.1.x
tenable / nessus 6.0.1 6.0.1.x
tenable / nessus 6.5.2 6.5.2.x
tenable / nessus 6.4.3 6.4.3.x
tenable / nessus 6.3.5 6.3.5.x
tenable / nessus 6.10.0 6.10.0.x
tenable / nessus 6.4.0 6.4.0.x
tenable / nessus 6.10.6 6.10.6.x
tenable / nessus 6.3.0 6.3.0.x