Formula Injection Vulnerability
CVE-2024-3232
7.6HIGH
What is CVE-2024-3232?
A formula injection vulnerability exists in Tenable Identity Exposure that allows authenticated remote attackers with administrative privileges to craft malicious payloads via application form fields. By exploiting this vulnerability, attackers can deceive other administrators into executing potentially harmful CSV payloads. This manipulation can lead to unauthorized data exposure or other malicious activities, emphasizing the need for vigilance and robust security measures when using affected versions of the product.
Affected Version(s)
Tenable Identity Exposure Windows Tenable Identity Exposure 3.42
Tenable Identity Exposure Windows Tenable Identity Exposure 3.42
Tenable Identity Exposure Windows Tenable Identity Exposure 3.29