The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. Flower, a web UI for the Celery Python RPC framework, all versions as of 05-02-2022 is vulnerable to an OAuth authentication bypass. An attacker could then access the Flower API to discover and invoke arbitrary Celery RPC calls or deny service by shutting down Celery task nodes. (CVE-2022-30034) Note that Nessus relies on the presence of the package as reported by the vendor. File data…Read More