PT-2023-7929 · Tenable · Nessus

Ammarit Thongthua +1 · Published 2023-01-20 · Updated 2023-01-28 · CVE-2023-0101

CVSS v2.0: 9.0 High

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Nessus versions 8.10.1 through 8.15.8
Nessus versions 10.0.0 through 10.4.1

Description

The issue is related to insufficient input validation, which can be exploited by a remote attacker to elevate privileges to root or NT AUTHORITY\SYSTEM on the Nessus host. This can be achieved by executing a specially crafted file.

Recommendations

For Nessus versions 8.10.1 through 8.15.8, update to a version outside of this range to resolve the issue.
For Nessus versions 10.0.0 through 10.4.1, update to a version outside of this range to resolve the issue.
As a temporary workaround, consider restricting access to the Nessus host to minimize the risk of exploitation.

Fix

RCE

Improper Privilege Management

Weakness Enumeration

Related Identifiers

BDU:2023-09007
CVE-2023-0101

Affected Products

Nessus