I noticed that the Certify Management Agent Windows service was installed with an unquoted executable path:
C:\Program Files\CertifyTheWeb\Service\Certify.Server.Core.exe
Because the path contains spaces and is not wrapped in quotes, vulnerability scanners are flagging it under Tenable/Nessus Plugin 63155:
https://www.tenable.com/plugins/nessus/63155
I have already corrected this manually on my end by updating the service path to include quotes:
"C:\Program Files\CertifyTheWeb\Service\Certify.Server.Core.exe"
This is not critical issue in my setup, but I wanted to report it here so the development team is aware.
This may be specific to my install or version, but I wanted to report it in case the installer/service registration logic needs to be updated.
Noticed this in CCM 7.0.20 and prior versions.
Thank you.