CVE-2023-5847

CWE-269Improper Privilege Management3 documents3 sources
Severity
7.3HIGH
EPSS
0.1%
top 84.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Tenable NessusTenable Nessus Agent
Timeline
PublishedNov 1

Description

Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages4 packages

CVEListV5tenable/nessus< 10.6.2
NVDtenable/nessus< 10.6.2
CVEListV5tenable/nessus_agent< 10.4.3
NVDtenable/nessus_agent< 10.4.3

🔴Vulnerability Details

2
GHSA
GHSA-q699-cmcj-j36r: Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windo2023-11-01
CVEList
CVE-2023-5847: Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windo2023-11-01
CVE-2023-5847 (HIGH CVSS 7.3) | Under certain conditions | cvebase.io