CVE-2023-0101

Published: Jan 20, 2023Modified: Apr 2, 2025

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

A privilege escalation vulnerability was identified in Nessus versions 8.10.1 through 8.15.8 and 10.0.0 through 10.4.1. An authenticated attacker could potentially execute a specially crafted file to obtain root or NT AUTHORITY / SYSTEM privileges on the Nessus host.

Affected (2)

Products: Tenable: Nessus

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Tenable Nessus	From 10.0.0 to 10.4.2
Tenable Nessus	From 8.10.1 to 8.15.8

Related CWEs

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (4)

https://www.tenable.com/security/tns-2023-01

Source: vulnreport@tenable.com

PatchRelease NotesVendor Advisory

https://www.tenable.com/security/tns-2023-02

Source: vulnreport@tenable.com

PatchRelease NotesVendor Advisory

https://www.tenable.com/security/tns-2023-01

Source: af854a3a-2127-422b-91ae-364da2661108

PatchRelease NotesVendor Advisory

https://www.tenable.com/security/tns-2023-02

Source: af854a3a-2127-422b-91ae-364da2661108

PatchRelease NotesVendor Advisory

Timeline

No history available yet.