ProxyLogon and PrintNightmare

The ProxyLogon and PrintNightmare vulnerabilities were the top two vulnerabilities of 2021 identified in the Threat Landscape Retrospective. The CVE filter is the only filter used for each vulnerability in the Top 5 Vulnerabilities (2021 Threat Landscape Retrospective) widget. Use the CVE filter rather than the plugin ID filter to ensure that when new plugins associated with the CVE are released, results will be displayed for all vulnerabilities associated with the CVE. Tenable’s CVE search page lists all existing plugins associated with each CVE.

• ProxyLogon filter: CVE contains CVE-2021-26855

• PrintNightmare filter: CVE contains CVE-2021-34527

Tactical scan templates, such as the ProxyLogon: MS Exchange and PrintNightmare scan templates can be used to run targeted scans that detect specific vulnerabilities. Users also have the option to create custom scans using the Advanced Scan Template with specific plugins enabled, if a scan template does not exist for CVEs of particular interest in their environment.

The Tenable Vulnerability Management Widget Library also contains widget templates for ProxyLogon and PrintNightmare, as shown below.

See the Learn More section of  this Cyber Exposure Study for more Tenable resources on ProxyLogon and PrintNightmare.