Tenable Nessus Agent 6.x < 6.11 MITM Vulnerability During Linking (TNS-2017-11)
Medium Nessus Plugin ID 102274
SynopsisThe version of Nessus Agent installed on the remote host is affected by a MITM vulnerability.
DescriptionThe version of Nessus Agent installed on the remote Windows host is 6.x prior to 6.11. It is, therefore, affected by a MITM vulnerability that can be exploited during the agent linking process. This is due to the fact that during an initial connection to Tenable.io or Nessus Manager when linking the agent, it does not verify the server certificate.
SolutionUpgrade to Tenable Nessus Agent version 6.11 or later.