CVE-2024-8932

critical

Description

Security Center leverages third-party software to help provide underlying functionality. Several of the third-party components (OpenSSL, PHP) were found to contain vulnerabilities, and updated versions have been made available by the providers.Out of caution and in line with best practice, Tenable has opted to upgrade these components to address the potential impact of the issues. Security Center Patch SC-202412.1 updates OpenSSL to version 3.0.15 and PHP to version 8.2.26 to address the identified vulnerabilities. Tenable has released Security Center Patch SC-202412.1 to address these issues. The installation files can be obtained from the Tenable Downloads Portal: https://www.tenable.com/downloads/security-center

References

https://github.com/php/php-src/security/advisories/GHSA-g665-fm4p-vhff

Details

Source: Mitre, NVD

Published: 2024-12-20

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H