Lucene search
Arnie CabralTENABLE:554C14D005311758555C022B3AEF7AE1HistoryAug 09, 2022 - 11:14 p.m.
[R1] Nessus Version 8.15.6 Fixes Multiple Vulnerabilities
2022-08-0923:14:50
Arnie Cabral
www.tenable.com
10
nessus
version 8.15.6
audit function
0.001 Low
EPSS
Percentile
42.8%
[R1] Nessus Version 8.15.6 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 08/09/2022 - 19:14
Two separate vulnerabilities that utilize the Audit functionality in Nessus were discovered, reported and fixed.
1. CVE-2022-32973 - An authenticated attacker could create an audit file that bypasses PowerShell cmdlet checks and executes commands with administrator privileges.
2. CVE-2022-32974 - An authenticated attacker could read arbitrary files from the underlying operating system of the scanner using a custom crafted compliance audit file without providing any valid SSH credentials.
Nessus version 8.15.6 fixes the reported Audit function vulnerabilities.
Related
openvas
openvas
Tenable Nessus Agent < 10.1.4 Multiple Vulnerabilities (TNS-2022-13)
2022-11-09 00:00:00
Tenable Nessus < 8.15.6 Multiple Vulnerabilities (TNS-2022-16)
2022-11-09 00:00:00
Tenable Nessus Agent < 8.3.4 Multiple Vulnerabilities (TNS-2022-17)
2022-11-10 00:00:00
tenable
tenable
[R1] Nessus Agent Version 10.1.4 Fixes Multiple Vulnerabilities
2022-06-15 16:36:46
[R1] Nessus Agent Version 8.3.4 Fixes Multiple Vulnerabilities
2022-08-24 16:18:51
[R3] Nessus Version 10.2.0 Fixes Multiple Vulnerabilities
2022-05-26 13:30:57
nessus
nessus
prion
prion
Design/Logic Flaw
2022-06-21 15:15:00
Command injection
2022-06-21 15:15:00
cve
cve
CVE-2022-32973
2022-06-21 15:15:09
CVE-2022-32974
2022-06-21 15:15:09
cvelist
cvelist
CVE-2022-32973
2022-06-21 14:23:30
CVE-2022-32974
2022-06-21 14:23:31
nvd
nvd
CVE-2022-32973
2022-06-21 15:15:09
CVE-2022-32974
2022-06-21 15:15:09