Tenable Identity Exposure

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:tenable:tenable_identity_exposure:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorTenable (c0ec4e71-d667-5327-b3ed-b4c21aa5a87e)
ProductTenable Identity Exposure (404b0ea3-ef72-5b83-ae2c-b1ab841a830a)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-1091 vulnerable 2026-06-03 14:58:57.804721 Broken Authorization Schema
MEDIUM (4.3)
A Broken Authorization schema exists where any authenticated user could download IOA script and configuration files if the URL is known.
Published: 2025-02-25T23:27:44.401Z
Updated: 2025-02-26T15:43:26.749Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-0760 vulnerable 2026-06-03 14:58:32.923345 Stored Credential Disclosure Vulnerability
LOW (2.7)
A Credential Disclosure vulnerability exists where an administrator could extract the stored SMTP account credentials due to lack of encryption.
Published: 2025-02-25T23:31:24.292Z
Updated: 2025-02-26T15:43:21.203Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-3232 vulnerable 2026-06-03 14:56:23.760541 Formula Injection Vulnerability
HIGH (7.6)
A formula injection vulnerability exists in Tenable Identity Exposure where an authenticated remote attacker with administrative privileges could manipulate application form fields in order to trick another administrator into executing CSV payloads. - CVE-2024-3232
Published: 2024-07-16T17:02:19.000Z
Updated: 2024-08-01T20:05:08.350Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.