CVE-2023-0524

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Tenable Nessus, tenable.io, tenable.sc (affected versions not specified)

Description A potential privilege escalation issue was identified internally, which could allow a malicious actor with sufficient permissions to modify environment variables and abuse an impacted plugin in order to escalate privileges. The probability of successful exploitation is low.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-17CWE-269

Related Identifiers

BDU:2023-00702

CVE-2023-0524

Affected Products

Tenable Nessus

Tenable.Io

Tenable.Sc

CVE-2023-0524

Weakness Enumeration

Related Identifiers

Affected Products

References · 4