CVE-2025-36636: Improper Access Control
Published Oct 8, 2025
·Updated
In Tenable Security Center versions prior to 6.7.0, an improper access control vulnerability exists where an authenticated user could access areas outside of their authorized scope.
Affected Software
1 affected component
Tenable Security Center<6.7.0
Remediation
Information
Tenable has released Security Center 6.7.0 to address these issues. The installation files can be obtained from the Tenable Downloads Portal: https://www.tenable.com/downloads/security-center
Event History
Oct 8, 2025
CVE Published
via MITRE·03:19 PM
Data Sourced
via MITRE·03:19 PM
RemedyDescriptionSeverity
Data Sourced
via NVD·04:15 PM
DescriptionSeverityWeakness
Frequently Asked Questions
1
What is the severity of CVE-2025-36636?
CVE-2025-36636 has a severity rating indicating a moderate risk primarily due to improper access control.
2
How do I fix CVE-2025-36636?
To fix CVE-2025-36636, upgrade to Tenable Security Center version 6.7.0 or later.
3
Who is affected by CVE-2025-36636?
CVE-2025-36636 affects users of Tenable Security Center versions prior to 6.7.0.
4
What type of vulnerability is CVE-2025-36636?
CVE-2025-36636 is classified as an improper access control vulnerability.
5
Can an attacker exploit CVE-2025-36636 without authentication?
No, CVE-2025-36636 requires an authenticated user to exploit the vulnerability.