First published: Mon Jun 26 2023(Updated: )
Vulnerability in Tenable Tenable.Io, Tenable Nessus, Tenable Security Center.This issue affects Tenable.Io: before Plugin Feed ID #202306261202 ; Nessus: before Plugin Feed ID #202306261202 ; Security Center: before Plugin Feed ID #202306261202 . This vulnerability could allow a malicious actor with sufficient permissions on a scan target to place a binary in a specific filesystem location, and abuse the impacted plugin in order to escalate privileges.
Credit: vulnreport@tenable.com
Affected Software | Affected Version | How to fix |
---|---|---|
Tenable Nessus | ||
Tenable SecurityCenter | ||
Tenable Tenable.Io |
The updates have been distributed via the Tenable plugin feed in feed serial numbers equal to or greater than #202306261202.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2023-2005 is high with a CVSS score of 8.8.
The software affected by CVE-2023-2005 includes Tenable Nessus, Tenable SecurityCenter, and Tenable.Io.
A malicious actor can exploit CVE-2023-2005 to perform unauthorized actions and potentially gain access to sensitive information.
Yes, a fix is available for CVE-2023-2005. It is recommended to update to the latest version of Tenable.Io, Nessus, or SecurityCenter, depending on the affected software.
More information about CVE-2023-2005 can be found at the following link: [CVE-2023-2005](https://www.tenable.com/security/tns-2023-21).