{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-2697", "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "state": "PUBLISHED", "assignerShortName": "tenable", "dateReserved": "2026-02-18T15:05:03.676Z", "datePublished": "2026-02-23T15:17:13.031Z", "dateUpdated": "2026-02-26T14:44:10.953Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "Security Center", "vendor": "Tenable", "versions": [{"lessThan": "6.8.0", "status": "affected", "version": "0", "versionType": "semver"}]}], "cpeApplicability": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tenable:security_center:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.8.0", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "OR"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An Indirect Object Reference (IDOR) in Security Center allows an authenticated remote attacker to escalate privileges via the 'owner' parameter."}], "value": "An Indirect Object Reference (IDOR) in Security Center allows an authenticated remote attacker to escalate privileges via the 'owner' parameter."}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 2.1, "baseSeverity": "LOW", "exploitMaturity": "PROOF_OF_CONCEPT", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-639", "description": "CWE-639: Authorization Bypass Through User-Controlled Key", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "shortName": "tenable", "dateUpdated": "2026-02-23T15:17:13.031Z"}, "references": [{"url": "https://www.tenable.com/security/tns-2026-07"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Tenable has released Security Center 6.8.0 to address these issues. The installation files can be obtained from the Tenable Downloads Portal: <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.tenable.com/downloads/security-center\">https://www.tenable.com/downloads/security-center</a></p><p><strong>Note: </strong>Patches that include fixes for <u>Apache, PHP and Libcurl</u>&nbsp;were recently released (<a target=\"_blank\" rel=\"nofollow\" href=\"https://www.tenable.com/security/tns-2026-06)\">https://www.tenable.com/security/tns-2026-06)</a>. Tenable Security Center 6.8.0 includes all of these fixes. Please refer to the <a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.tenable.com/release-notes/Content/security-center/2026.htm\">Tenable SC Release Notes</a>&nbsp;for more information.</p>"}], "value": "Tenable has released Security Center 6.8.0 to address these issues. The installation files can be obtained from the Tenable Downloads Portal: https://www.tenable.com/downloads/security-center \n\nNote: Patches that include fixes for Apache, PHP and Libcurl\u00a0were recently released ( https://www.tenable.com/security/tns-2026-06) . Tenable Security Center 6.8.0 includes all of these fixes. Please refer to the Tenable SC Release Notes https://docs.tenable.com/release-notes/Content/security-center/2026.htm \u00a0for more information."}], "source": {"advisory": "tns-2026-07", "discovery": "EXTERNAL"}, "title": "Indirect Object Reference (IDOR) in Security Center", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-2697", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-24T04:56:37.938906Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-26T14:44:10.953Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-2697", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-24T04:56:37.938906Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-23T16:03:56.807Z"}}], "cna": {"title": "Indirect Object Reference (IDOR) in Security Center", "source": {"advisory": "tns-2026-07", "discovery": "EXTERNAL"}, "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 2.1, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "LOW", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "exploitMaturity": "PROOF_OF_CONCEPT", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Tenable", "product": "Security Center", "versions": [{"status": "affected", "version": "0", "lessThan": "6.8.0", "versionType": "semver"}], "defaultStatus": "affected"}], "solutions": [{"lang": "en", "value": "Tenable has released Security Center 6.8.0 to address these issues. The installation files can be obtained from the Tenable Downloads Portal: https://www.tenable.com/downloads/security-center \n\nNote: Patches that include fixes for Apache, PHP and Libcurl\u00a0were recently released ( https://www.tenable.com/security/tns-2026-06) . Tenable Security Center 6.8.0 includes all of these fixes. Please refer to the Tenable SC Release Notes https://docs.tenable.com/release-notes/Content/security-center/2026.htm \u00a0for more information.", "supportingMedia": [{"type": "text/html", "value": "<p>Tenable has released Security Center 6.8.0 to address these issues. The installation files can be obtained from the Tenable Downloads Portal: <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.tenable.com/downloads/security-center\">https://www.tenable.com/downloads/security-center</a></p><p><strong>Note: </strong>Patches that include fixes for <u>Apache, PHP and Libcurl</u>&nbsp;were recently released (<a target=\"_blank\" rel=\"nofollow\" href=\"https://www.tenable.com/security/tns-2026-06)\">https://www.tenable.com/security/tns-2026-06)</a>. Tenable Security Center 6.8.0 includes all of these fixes. Please refer to the <a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.tenable.com/release-notes/Content/security-center/2026.htm\">Tenable SC Release Notes</a>&nbsp;for more information.</p>", "base64": false}]}], "references": [{"url": "https://www.tenable.com/security/tns-2026-07"}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "An Indirect Object Reference (IDOR) in Security Center allows an authenticated remote attacker to escalate privileges via the 'owner' parameter.", "supportingMedia": [{"type": "text/html", "value": "An Indirect Object Reference (IDOR) in Security Center allows an authenticated remote attacker to escalate privileges via the 'owner' parameter.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-639", "description": "CWE-639: Authorization Bypass Through User-Controlled Key"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tenable:security_center:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.8.0", "versionStartIncluding": "0"}], "operator": "OR"}], "operator": "OR"}], "providerMetadata": {"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "shortName": "tenable", "dateUpdated": "2026-02-23T15:17:13.031Z"}}}, "cveMetadata": {"cveId": "CVE-2026-2697", "state": "PUBLISHED", "dateUpdated": "2026-02-26T14:44:10.953Z", "dateReserved": "2026-02-18T15:05:03.676Z", "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "datePublished": "2026-02-23T15:17:13.031Z", "assignerShortName": "tenable"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tenable:security_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "17DB70B4-3F31-4D7A-BEBF-00E422A8FA3B", "versionEndExcluding": "6.8.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An Indirect Object Reference (IDOR) in Security Center allows an authenticated remote attacker to escalate privileges via the 'owner' parameter."}, {"lang": "es", "value": "Una Referencia Indirecta a Objeto (IDOR) en Security Center permite a un atacante remoto autenticado escalar privilegios a trav\u00e9s del par\u00e1metro 'owner'."}], "id": "CVE-2026-2697", "lastModified": "2026-04-29T01:00:01.613", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "vulnreport@tenable.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 2.1, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "vulnreport@tenable.com", "type": "Secondary"}]}, "published": "2026-02-23T16:29:37.323", "references": [{"source": "vulnreport@tenable.com", "tags": ["Vendor Advisory"], "url": "https://www.tenable.com/security/tns-2026-07"}], "sourceIdentifier": "vulnreport@tenable.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-639"}], "source": "vulnreport@tenable.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,6.8.0)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Security Center", "source": "cna", "vendor": "Tenable"}, "product": "security_center", "vendor": "tenable"}], "analysis": {"en": {"generated_at": "2026-04-18T11:03:57.346539+00:00", "value": {"mitigation_remediation": ["Upgrade to Tenable Security Center version 6.8.0 or newer, which incorporates the fix for this IDOR issue. The patch can be downloaded from the Tenable Downloads Portal.", "Apply the update for Apache, PHP, and libcurl that accompanies the Security Center 6.8.0 release, following the guidance in the Tenable SC Release Notes.", "Modify privilege and role configurations to ensure that only authorized users can alter the 'owner' parameter, enforcing least privilege and verifying access control policies."], "summary": {"action": "Patch", "impact": "Privilege Escalation via IDOR"}, "threat_synthesis": {"affected_systems": "Tenable Security Center, all releases prior to version 6.8.0 are affected. The product is identified as tenable:security_center in the CPE feed. No precise version list is provided, but the public advisory states that the fix is included in the 6.8.0 release.", "description_and_impact": "An indirect object reference flaw allows an authenticated remote attacker to manipulate the 'owner' parameter in Tenable Security Center. This can elevate the attacker's privileges, granting access to resources beyond their authorized scope. The weakness aligns with CWE\u2011639, indicating that access controls do not correctly validate ownership of referenced objects.", "risk_and_exploitability": "The vulnerability has a CVSS score of 2.1, reflecting a low base severity, and an EPSS score of less than 1%, indicating that exploitation is expected to be rare. The flaw is not listed in the KEV catalog. The attack requires an authenticated session, suggesting the likely vector is a remote attacker who has obtained legitimate credentials. No additional exploitation requirements are stated, so the risk remains limited but the ability to raise privileges renders it a potentially critical concern for environments where privilege separation is essential."}}}}, "created": "2026-02-24T09:55:36.423102+00:00", "updated": "2026-04-18T11:15:35.905062+00:00", "vendors": ["tenable", "tenable$PRODUCT$security_center"]}