CVE-2023-2005

Опубликовано: 26 июн. 2023

Источник: nvd

CVSS3: 6.3

CVSS3: 8.8

EPSS Низкий

Описание

This vulnerability could allow a malicious actor with sufficient permissions on a scan target to place a binary in a specific filesystem location, and abuse the impacted plugin in order to escalate privileges.

Ссылки

https://www.tenable.com/security/tns-2023-21
Vendor Advisory
https://www.tenable.com/security/tns-2023-21
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:tenable:nessus:-:*:*:*:*:*:*:*

cpe:2.3:a:tenable:securitycenter:-:*:*:*:*:*:*:*

cpe:2.3:a:tenable:tenable.io:-:*:*:*:*:*:*:*

EPSS

Процентиль: 20%

0.00065

Низкий

6.3 Medium

CVSS3

8.8 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-427

Связанные уязвимости

GHSA-rx3v-c929-952g

CVSS3: 6.3

github

больше 2 лет назад

Vulnerability in Tenable Tenable.Io, Tenable Nessus, Tenable Security Center.This issue affects Tenable.Io: before Plugin Feed ID #202306261202 ; Nessus: before Plugin Feed ID #202306261202 ; Security Center: before Plugin Feed ID #202306261202 . This vulnerability could allow a malicious actor with sufficient permissions on a scan target to place a binary in a specific filesystem location, and abuse the impacted plugin in order to escalate privileges.

EPSS

Процентиль: 20%

0.00065

Низкий

6.3 Medium

CVSS3

8.8 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-427