Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-2005— Tenable Plugin Feed ID #202306261202 Fixes Privilege Escalation Vulnerability

CVSS 6.3 · Medium EPSS 0.26% · P49
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2023-2005

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Tenable Plugin Feed ID #202306261202 Fixes Privilege Escalation Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
Vulnerability in Tenable Tenable.Io, Tenable Nessus, Tenable Security Center.This issue affects Tenable.Io: before Plugin Feed ID #202306261202 ; Nessus: before Plugin Feed ID #202306261202 ; Security Center: before Plugin Feed ID #202306261202 . This vulnerability could allow a malicious actor with sufficient permissions on a scan target to place a binary in a specific filesystem location, and abuse the impacted plugin in order to escalate privileges.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Tenable Network Security Nessus 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Tenable Network Security Nessus是美国Tenable Network Security公司的一款开源的系统漏洞扫描器。 Tenable Tenable.Io 202306261202 之前版本、Tenable Nessus 202306261202 之前版本、Tenable Security Center 202306261202 之前版本存在安全漏洞,该漏洞源于允许对扫描目标拥有足够权限的恶意行为者将二进制文件放置在特定文件系统位置,并滥用受影响的插件以升级权限。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
TenableTenable.io 0 ~ Plugin Feed ID #202306261202 -
TenableNessus 0 ~ Plugin Feed ID #202306261202 -
TenableSecurity Center 0 ~ Plugin Feed ID #202306261202 -

II. Public POCs for CVE-2023-2005

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2023-2005

登录查看更多情报信息。

IV. Related Vulnerabilities

Same vendor: Tenable

V. Comments for CVE-2023-2005

No comments yet

Leave a comment