CVE-2023-3252
First published: Tue Aug 29 2023(Updated: )
An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges could alter logging variables to overwrite arbitrary files on the remote host with log data, which could lead to a denial of service condition.
Credit: vulnreport@tenable.com vulnreport@tenable.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tenable Nessus | <10.6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2023-3252.
What is the severity of CVE-2023-3252?
The severity of CVE-2023-3252 is medium with a CVSS score of 6.8.
How does CVE-2023-3252 affect Tenable Nessus?
CVE-2023-3252 affects Tenable Nessus version up to 10.6.0.
What is the impact of CVE-2023-3252?
CVE-2023-3252 can lead to a denial of service condition by allowing an authenticated remote attacker to overwrite arbitrary files on the remote host with log data.
How can the arbitrary file write vulnerability in CVE-2023-3252 be fixed?
To fix the arbitrary file write vulnerability in CVE-2023-3252, it is recommended to update Tenable Nessus to a version beyond 10.6.0.
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- collector/nvd-api
- collector/nvd-index
- vendor/tenable
- canonical/tenable nessus