CVE-2017-6543 — Nessus vulnerability

4 documents4 sources
Severity
7.3HIGHNVD
EPSS
0.3%
top 49.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Tenable NessusTenable Appliance
Timeline
PublishedMar 8
Latest updateOct 4

Description

Tenable Nessus before 6.10.2 (as used alone or in Tenable Appliance before 4.5.0) was found to contain a flaw that allowed a remote, authenticated attacker to upload a crafted file that could be written to anywhere on the system. This could be used to subsequently gain elevated privileges on the system (e.g., after a reboot). This issue only affects installations on Windows.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 1.3 | Impact: 5.9

Affected Packages2 packages

â–¶NVDtenable/nessus6.10.1
â–¶NVDtenable/appliance4.4.0

🔴Vulnerability Details

3
OSV
binutils vulnerabilities↗2023-10-04
â–¶
GHSA
GHSA-qprc-f7qc-63gc: Tenable Nessus before 6↗2022-05-13
â–¶
CVEList
CVE-2017-6543: Tenable Nessus before 6↗2017-03-08
â–¶
CVE-2017-6543 — Tenable Nessus vulnerability | cvebase