CVE-2026-2697

MEDIUM

Security Center - Privilege Escalation

Title source: llm

Description

An Indirect Object Reference (IDOR) in Security Center allows an authenticated remote attacker to escalate privileges via the 'owner' parameter.

References (1)

Scores

CVSS v3 6.3
EPSS 0.0011
EPSS Percentile 29.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Classification

CWE
CWE-639
Status published

Affected Products (1)

tenable/security_center < 6.8.0

Timeline

Published Feb 23, 2026
Tracked Since Feb 23, 2026