CVE-2023-0101

CWE-269Improper Privilege Management3 documents3 sources
Severity
8.8HIGH
EPSS
0.3%
top 43.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Tenable Nessus
Timeline
PublishedJan 20

Description

A privilege escalation vulnerability was identified in Nessus versions 8.10.1 through 8.15.8 and 10.0.0 through 10.4.1. An authenticated attacker could potentially execute a specially crafted file to obtain root or NT AUTHORITY / SYSTEM privileges on the Nessus host.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

NVDtenable/nessus8.10.18.15.8+1
CVEListV5nessus8.10.1 through 8.15.8, 10.0.0 through 10.4.1

Patches

Patch: www.tenable.comPatch: www.tenable.comPatch: www.tenable.com

🔴Vulnerability Details

2
GHSA
GHSA-68w7-82p5-gfgr: A privilege escalation vulnerability was identified in Nessus versions 82023-01-20
CVEList
CVE-2023-0101: A privilege escalation vulnerability was identified in Nessus versions 82023-01-20
CVE-2023-0101 (HIGH CVSS 8.8) | A privilege escalation vulnerabilit | cvebase.io