Lucene search
TenableCVELIST:CVE-2021-20077HistoryMar 19, 2021 - 6:46 p.m.
CVE-2021-20077
2021-03-1918:46:43
tenable
www.cve.org
Nessus Agent versions 7.2.0 through 8.2.2 were found to inadvertently capture the IAM role security token on the local host during initial linking of the Nessus Agent when installed on an Amazon EC2 instance. This could allow a privileged attacker to obtain the token.
CNA Affected
[
{
"product": "Tenable Nessus Agent",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "7.2.0 through 8.2.2"
}
]
}
]Related
cve
cve
CVE-2021-20077
2021-03-19 19:15:13
prion
prion
Code injection
2021-03-19 19:15:00
nvd
nvd
CVE-2021-20077
2021-03-19 19:15:13
openvas
openvas
Tenable Nessus <= 8.13.2 Privilege Escalation Vulnerability (TNS-2021-07)
2021-04-07 00:00:00
Tenable Nessus Agent 7.2.0 - 8.2.2 Multiple Vulnerabilities (TNS-2021-04)
2021-04-08 00:00:00
nessus
nessus
Tenable Nessus Agent < 8.2.3 Multiple Vulnerabilities (TNS-2021-04)
2021-03-19 00:00:00