Lucene search

K
cvelistTenableCVELIST:CVE-2021-20077
HistoryMar 19, 2021 - 6:46 p.m.

CVE-2021-20077

2021-03-1918:46:43
tenable
www.cve.org

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.6%

Nessus Agent versions 7.2.0 through 8.2.2 were found to inadvertently capture the IAM role security token on the local host during initial linking of the Nessus Agent when installed on an Amazon EC2 instance. This could allow a privileged attacker to obtain the token.

CNA Affected

[
  {
    "product": "Tenable Nessus Agent",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "7.2.0 through 8.2.2"
      }
    ]
  }
]

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.6%

Related for CVELIST:CVE-2021-20077