Lucene search
HistoryNov 01, 2023 - 4:15 p.m.
CVE-2023-5847
cve-2023-5847
privilege escalation
installation
upgrade
windows
linux
nvd
7.3 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
7.1 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
23.2%
Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts.
Affected configurations
Node
tenablenessusRange<10.6.2
ORtenablenessus_agentRange<10.4.3
linuxlinux_kernelMatch-
ORmicrosoftwindowsMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| tenable:nessus | tenable nessus | lt | 10.6.2 |
| tenable:nessus_agent | tenable nessus agent | lt | 10.4.3 |
CNA Affected
[
{
"defaultStatus": "affected",
"platforms": [
"Windows",
"Linux"
],
"product": "Nessus",
"vendor": "Tenable",
"versions": [
{
"lessThan": "10.6.2",
"status": "affected",
"version": "0",
"versionType": "10.6.2"
}
]
},
{
"defaultStatus": "affected",
"platforms": [
"Windows",
"Linux"
],
"product": "Nessus Agent",
"vendor": "Tenable",
"versions": [
{
"lessThan": "10.4.3",
"status": "affected",
"version": "0",
"versionType": "10.4.3"
}
]
}
]Related
nvd
nvd
CVE-2023-5847
2023-11-01 16:15:08
tenable
tenable
[R1] Nessus Agent Version 10.4.3 Fixes Multiple Vulnerabilities
2023-10-31 18:09:30
[R1] Nessus Version 10.6.2 Fixes Multiple Vulnerabilities
2023-10-31 16:35:25
[R1] Nessus Version 10.5.6 Fixes Multiple Vulnerabilities
2023-10-31 15:16:28
cvelist
cvelist
CVE-2023-5847
2023-11-01 15:30:55
prion
prion
Design/Logic Flaw
2023-11-01 16:15:00
zdi
zdi
Tenable Nessus Link Following Local Privilege Escalation Vulnerability
2023-11-06 00:00:00
nessus
nessus
Tenable Nessus < 10.5.6 Multiple Vulnerabilities (TNS-2023-36)
2023-11-01 00:00:00
Tenable Nessus < 10.6.2 Multiple Vulnerabilities (TNS-2023-37)
2023-11-01 00:00:00
Tenable Nessus Agent 10.4.2 Multiple Vulnerabilities (TNS-2023-38)
2023-11-01 00:00:00
openvas
openvas
Tenable Nessus Multiple Vulnerabilities (TNS-2023-36)
2023-11-23 00:00:00
Tenable Nessus Agent 10.4.2 Multiple Vulnerabilities (TNS-2023-38)
2023-11-02 00:00:00
7.3 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
7.1 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
23.2%
Related for CVE-2023-5847