6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
7.3 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
52.4%
According to its self-reported version, the Tenable Nessus application running on the remote host is 6.8.x, 6.9.x, or 6.10.x prior to 6.10.2.
It is, therefore, affected by an arbitrary file upload vulnerability due to an unspecified flaw. An authenticated, remote attacker can exploit this to upload a specially crafted file to an arbitrary system location.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(99440);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/12");
script_cve_id("CVE-2017-6543");
script_bugtraq_id(96418);
script_name(english:"Tenable Nessus 6.8.x < 6.10.2 Arbitrary File Upload (TNS-2017-06)");
script_set_attribute(attribute:"synopsis", value:
"An application running on the remote Windows host is affected by an
arbitrary file upload vulnerability.");
script_set_attribute(attribute:"description", value:
"According to its self-reported version, the Tenable Nessus application
running on the remote host is 6.8.x, 6.9.x, or 6.10.x prior to 6.10.2.
It is, therefore, affected by an arbitrary file upload vulnerability
due to an unspecified flaw. An authenticated, remote attacker can
exploit this to upload a specially crafted file to an arbitrary system
location.");
script_set_attribute(attribute:"see_also", value:"https://www.tenable.com/security/tns-2017-06");
script_set_attribute(attribute:"solution", value:
"Upgrade to Tenable Nessus version 6.10.2 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-6543");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2017/02/21");
script_set_attribute(attribute:"patch_publication_date", value:"2017/02/21");
script_set_attribute(attribute:"plugin_publication_date", value:"2017/04/18");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:tenable:nessus");
script_set_attribute(attribute:"thorough_tests", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2017-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("nessus_detect.nasl", "nessus_installed_win.nbin", "os_fingerprint.nasl");
script_require_keys("installed_sw/Tenable Nessus");
exit(0);
}
include('vcf.inc');
include('vcf_extras.inc');
var os = get_kb_item_or_exit("Host/OS");
if ('windows' >!< tolower(os))
audit(AUDIT_OS_NOT, "Windows");
var app_info = vcf::combined_get_app_info(app:'Tenable Nessus');
vcf::check_granularity(app_info:app_info, sig_segments:3);
var constraints = [
{ 'min_version' : '6.8.0', 'fixed_version' : '6.10.2' }
];
vcf::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_WARNING
);
6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
7.3 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
52.4%