CVE-2022-0130
📋 TL;DR
Tenable.sc versions 5.14.0 through 5.19.1 contain a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary code on the system. Attackers must first stage a specific file type in the web server root directory before exploitation. Organizations running affected Tenable.sc versions are vulnerable.
💻 Affected Systems
- Tenable.sc
📦 What is this software?
Tenable.sc by Tenable
⚠️ Risk & Real-World Impact
Worst Case
Full system compromise, allowing an attacker to execute arbitrary commands, install malware, pivot to other systems, and exfiltrate sensitive vulnerability data.
Likely Case
Attacker gains initial foothold on the Tenable.sc server, potentially leading to credential theft, data exfiltration, and lateral movement within the network.
If Mitigated
Attack prevented through proper file system permissions, network segmentation, and timely patching, limiting impact to an isolated security incident.
🎯 Exploit Status
Exploitation requires a two-step process: file staging followed by remote execution. No public exploit code is available as of this analysis.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 5.19.2
Vendor Advisory: https://www.tenable.com/security/tns-2022-01
Restart Required: Yes
Instructions:
1. Download Tenable.sc 5.19.2 from Tenable support portal.
2. Backup current configuration.
3. Stop Tenable.sc services.
4. Install update package.
5. Restart services.
6. Verify successful update.
🔧 Temporary Workarounds
Restrict web server root directory permissions
linux: Prevent unauthorized file uploads to web server root directory
chmod 750 /path/to/tenable/webroot
chown root:root /path/to/tenable/webroot
Network segmentation
all: Isolate Tenable.sc server from untrusted networks
🧯 If You Can't Patch
- Implement strict file system permissions on web server root directory to prevent file staging
- Deploy network segmentation and firewall rules to restrict access to Tenable.sc from untrusted networks
🔍 How to Verify
Check if Vulnerable:
Check Tenable.sc version via web interface (Admin → System Summary) or command line: grep version /opt/sc/conf/sc.properties
Check Version:
grep version /opt/sc/conf/sc.properties
Verify Fix Applied:
Verify version is 5.19.2 or later and check that web server root directory has restricted permissions
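The two verification steps above can be scripted; the following is an added example (not Tenable's code) that classifies a version string against the range stated on this page and checks that a directory is no looser than the chmod 750 workaround. The `version=` line layout, the function names and the sample input are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not vendor code. Range and fix version are taken from this page.
FIRST_AFFECTED=5.14.0
FIXED=5.19.2

# Print -1, 0 or 1 for version A compared with B (numeric, per dotted field).
ver_cmp() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        for (i = 1; i <= (n > m ? n : m); i++) {
            if (x[i] + 0 < y[i] + 0) { print -1; exit }
            if (x[i] + 0 > y[i] + 0) { print 1; exit }
        }
        print 0
    }'
}

# Read properties-style text on stdin and print the first dotted version
# number on a line containing "version" (assumed layout: version=5.19.1).
extract_version() {
    sed -n 's/.*[Vv]ersion[^0-9]*\([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# Classify a version string: older-than-range, affected, fixed or unknown.
classify_version() {
    [ -n "$1" ] || { echo unknown; return; }
    if [ "$(ver_cmp "$1" "$FIRST_AFFECTED")" = -1 ]; then echo older-than-range
    elif [ "$(ver_cmp "$1" "$FIXED")" != -1 ]; then echo fixed
    else echo affected
    fi
}

# Return 0 when DIR has no group-write and no "other" permission bits
# (what chmod 750 yields), 1 when it is looser, 2 when it is not a directory.
dir_is_restricted() {
    mode=$(ls -ld -- "$1" 2>/dev/null | cut -c1-10)
    case $mode in
        d????-?---) return 0 ;;
        d*) return 1 ;;
        *) return 2 ;;
    esac
}

# Constructed sample input; on a real host, pipe in the grep output instead.
sample='version=5.19.1'
v=$(printf '%s\n' "$sample" | extract_version)
echo "$v -> $(classify_version "$v")"
```

On a real host, feed `extract_version` the output of the grep command shown above and pass the actual web root path to `dir_is_restricted`.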
📡 Detection & Monitoring
Log Indicators:
- Unauthorized file uploads to web server directory
- Unusual process execution from web server context
- Failed authentication attempts followed by file upload activity
Network Indicators:
- Unusual outbound connections from Tenable.sc server
- HTTP requests attempting to access staged files
SIEM Query:
source="tenable_sc" AND (event_type="file_upload" OR event_type="process_execution") AND user="unauthenticated"