{"cve":{"cve_id":"CVE-2024-3232","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00442,"epss_percentile":0.35186,"epss_as_of":"2026-06-23","description":"A formula injection vulnerability exists in Tenable Identity Exposure where an authenticated remote attacker with administrative privileges could manipulate application form fields in order to trick another administrator into executing CSV payloads. - CVE-2024-3232","published_at":"2024-07-16T17:02:19Z","last_modified_at":null,"cvss_v3_score":7.6,"cvss_v3_vector":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H","cvss_v3_severity":"HIGH","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":"none","ssvc_automatable":false,"ssvc_technical_impact":"total","cwes":["CWE-1236"],"nvd_references":["https://www.tenable.com/security/tns-2024-04"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-29T02:03:22.129226Z"},"effective_severity":"HIGH","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"H","value_label":"High"},{"metric":"PR","name":"Privileges Required","value":"H","value_label":"High"},{"metric":"UI","name":"User Interaction","value":"R","value_label":"Required"},{"metric":"S","name":"Scope","value":"C","value_label":"Changed"},{"metric":"C","name":"Confidentiality","value":"H","value_label":"High"},{"metric":"I","name":"Integrity","value":"H","value_label":"High"},{"metric":"A","name":"Availability","value":"H","value_label":"High"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"tenable","vendor_name":"tenable","product_slug":"tenable-identity-exposure","product_name":"Tenable Identity Exposure","version_start":"Tenable Identity Exposure 3.42","version_start_inclusive":true,"version_end":"Tenable Identity Exposure 3.42","version_end_inclusive":true,"cpe23_uri":"cve5:tenable:tenable-identity-exposure:Tenable Identity Exposure 3.42:Tenable Identity Exposure 3.42"},{"vendor_slug":"tenable","vendor_name":"tenable","product_slug":"tenable-identity-exposure","product_name":"Tenable Identity Exposure","version_start":"Tenable Identity Exposure 3.29","version_start_inclusive":true,"version_end":"Tenable Identity Exposure 3.29","version_end_inclusive":true,"cpe23_uri":"cve5:tenable:tenable-identity-exposure:Tenable Identity Exposure 3.29:Tenable Identity Exposure 3.29"},{"vendor_slug":"tenable","vendor_name":"tenable","product_slug":"tenable-identity-exposure","product_name":"Tenable Identity Exposure","version_start":"Tenable Identity Exposure 3.19","version_start_inclusive":true,"version_end":"Tenable Identity Exposure 3.19","version_end_inclusive":true,"cpe23_uri":"cve5:tenable:tenable-identity-exposure:Tenable Identity Exposure 3.19:Tenable Identity Exposure 3.19"}],"exploit_refs":[],"news":[],"references":[{"url":"https://www.tenable.com/security/tns-2024-04","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2024-07-16T17:02:19Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:36:50.884600Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:36:50.884600Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:36:50.884600Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"ssvc_changed","at":"2026-06-29T02:03:22.129226Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T02:03:22.129226Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T02:03:22.129226Z","label":"SSVC decision revised","source":"vulnrichment"}]}