Vulnerabilities > CVE-2020-5793 - Unspecified vulnerability in Tenable Nessus and Nessus Agent

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

tenable

NVD

Published: 2020-11-05

Updated: 2020-11-16

Summary

A vulnerability in Nessus versions 8.9.0 through 8.12.0 for Windows & Nessus Agent 8.0.0 and 8.1.0 for Windows could allow an authenticated local attacker to copy user-supplied files to a specially constructed path in a specifically named user directory. An attacker could exploit this vulnerability by creating a malicious file and copying the file to a system directory. The attacker needs valid credentials on the Windows system to exploit this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Tenable Tenable Nessus 8.9.0 Tenable Nessus 8.9.1 Tenable Nessus 8.10.0 Tenable Nessus 8.10.1 Tenable Nessus 8.11.0 Tenable Nessus 8.11.1 Tenable Nessus 8.12.0 Tenable Nessus Agent 8.0.0 Tenable Nessus Agent 8.1.0	9
OS	Microsoft Microsoft Windows -	1

Summary

Vulnerable Configurations

References