PT-2018-10553 · Tenable · Nessus
Publicado
2018-03-20
·
Atualizado
2019-10-03
·
CVE-2018-1141
CVSS v3.1
7.0
Alta
| Vetor | AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Nessus versions prior to 7.0.3
Description
The issue arises when Nessus is installed to a directory outside of the default location, where it fails to enforce secure permissions for sub-directories. This could potentially allow for local privilege escalation if users have not properly secured the directories in the installation location.
Recommendations
For Nessus versions prior to 7.0.3, update to version 7.0.3 or later to resolve the issue.
Correção
LPE
Incorrect Permission
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Nessus