Описание
When installing Nessus to a directory outside of the default location, Nessus versions prior to 7.0.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the installation location.
Ссылки
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 7.0.3 (исключая)
cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*
EPSS
Процентиль: 11%
0.00037
Низкий
7 High
CVSS3
4.4 Medium
CVSS2
Дефекты
CWE-732
Связанные уязвимости
CVSS3: 7
github
больше 3 лет назад
When installing Nessus to a directory outside of the default location, Nessus versions prior to 7.0.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the installation location.
EPSS
Процентиль: 11%
0.00037
Низкий
7 High
CVSS3
4.4 Medium
CVSS2
Дефекты
CWE-732