{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-13007","assignerOrgId":"5ac1ecc2-367a-4d16-a0b2-35d495ddd0be","state":"PUBLISHED","assignerShortName":"tenable","dateReserved":"2026-06-23T14:57:21.550Z","datePublished":"2026-06-23T15:59:50.522Z","dateUpdated":"2026-06-23T17:48:03.138Z"},"containers":{"cna":{"title":"Insecure Public Caching on REST API Endpoints in Tenable Identity Exposure","descriptions":[{"lang":"en","value":"Tenable Identity Exposure contains multiple unauthenticated API endpoints under /w/api/* that expose sensitive application configuration data including cleartext LDAP credentials, SAML configuration, user accounts, and directory settings to unauthenticated remote attackers. Affected responses are served with Cache-Control: public headers and without Vary: Cookie, allowing reverse proxies and CDNs to cache and serve sensitive data to unauthenticated users even after authentication is applied."}],"affected":[{"vendor":"tenable","product":"Tenable Identity Exposure","versions":[{"version":"0","status":"affected","lessThan":"3.93.5","versionType":"semver"}],"defaultStatus":"unaffected"}],"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-306","lang":"en","description":"Missing Authentication for Critical Function"}]},{"descriptions":[{"type":"CWE","cweId":"CWE-524","lang":"en","description":"Use of Cache Containing Sensitive Information"}]}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH"}},{"cvssV4_0":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:N","baseScore":8.5,"baseSeverity":"HIGH"}}],"references":[{"url":"https://www.tenable.com/security/research/tns-2026-16","name":"TNS-2026-16","tags":["vendor-advisory"]}],"credits":[{"lang":"en","value":"Cobalt (Tenable-commissioned penetration test)","type":"finder"}],"datePublic":"2026-06-23T00:00:00.000Z","providerMetadata":{"orgId":"5ac1ecc2-367a-4d16-a0b2-35d495ddd0be","shortName":"tenable","dateUpdated":"2026-06-23T15:59:50.522Z"},"x_generator":{"engine":"cvelib 1.8.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-06-23T17:47:42.661656Z","id":"CVE-2026-13007","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-06-23T17:48:03.138Z"}}]}}