This script is Copyright (C) 2017 Tenable Network Security, Inc.
An application installed on the remote host is affected by a PHP
object deserialization vulnerability.
According to its version, the installation of Tenable SecurityCenter
on the remote host is affected by a PHP object deserialization
vulnerability in the PluginParser.php script. An authenticated, remote
attacker can exploit this, by uploading a specially crafted PHP
object, to delete arbitrary files on the remote host.
Note that Nessus has not tested for this issue but has instead relied
only on the application's self-reported version number.
See also :
Apply the appropriate patch referenced in the vendor advisory.
Risk factor :
Medium / CVSS Base Score : 4.0
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now