Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Tenable Nessus Agent 8.0.0 - 8.1.0 Arbitrary Code Execution vulnerability (TNS-2020-07)
Information
Severity
Severity
Medium
Family
Family
General
CVSSv2 Base
CVSSv2 Base
6.8
CVSSv2 Vector
CVSSv2 Vector
AV:L/AC:L/Au:S/C:C/I:C/A:C
Solution Type
Solution Type
Vendor Patch
Created
Created
3 years ago
Modified
Modified
3 years ago
Summary
Tenable Nessus Agent is prone to a local arbitrary code execution vulnerability.
Insight
Insight
A vulnerability in Nessus Agent for Windows could allow an authenticated local attacker to execute arbitrary code by copying user-supplied files to a specially constructed path in a specifically named user directory.
Affected Software
Affected Software
Tenable Nessus Agent versions 8.0.0 - 8.1.0.
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Update to version 8.1.1 or later.