CVE-2021-20099
First published: Mon Jun 28 2021(Updated: )
Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows executables as the Nessus host. This is different than CVE-2021-20100.
Credit: vulnreport@tenable.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tenable Nessus | <=8.2.4 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-20099?
CVE-2021-20099 refers to multiple local privilege escalation vulnerabilities in Nessus Agent 8.2.4 and earlier for Windows.
How does CVE-2021-20099 impact Tenable Nessus?
CVE-2021-20099 allows an authenticated, local administrator to run specific Windows executables as the Nessus host.
Which version of Nessus Agent for Windows is affected by CVE-2021-20099?
Nessus Agent 8.2.4 and earlier for Windows are affected by CVE-2021-20099.
What is the severity of CVE-2021-20099?
CVE-2021-20099 has a severity rating of 6.7 (Medium).
Where can I find more information about CVE-2021-20099?
You can find more information about CVE-2021-20099 at the following reference: [Tenable Advisory TNS-2021-12](https://www.tenable.com/security/tns-2021-12)
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/tenable
- canonical/tenable nessus
- version/tenable nessus/8.2.4
- vendor/microsoft
- canonical/microsoft windows