CVE-2017-7850 — Incorrect Permission Assignment in Nessus

Severity

7.8HIGHNVD

EPSS

0.0%

top 92.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedApr 19

Latest updateMay 13

Description

Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local privilege escalation issue due to insecure permissions when running in Agent Mode.

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

▶NVDtenable/nessus5 versions+4

GHSA

GHSA-7xfq-cg5m-hf99: Nessus 6↗2022-05-13

▶

CVEList

CVE-2017-7850: Nessus 6↗2017-04-19

▶