CVE-2023-6062: Arbitrary File Write
First published: Mon Nov 20 2023(Updated: )
An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus Rules variables to overwrite arbitrary files on the remote host, which could lead to a denial of service condition.
Credit: vulnreport@tenable.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tenable Nessus | <10.5.7 | |
| Tenable Nessus | >=10.6.0<10.6.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-6062?
CVE-2023-6062 is an arbitrary file write vulnerability in the Nessus application.
How severe is CVE-2023-6062?
CVE-2023-6062 has a severity rating of 6.8 (Medium).
What is the impact of CVE-2023-6062?
CVE-2023-6062 can allow an attacker to overwrite arbitrary files on the remote host, potentially leading to a denial of service.
Which software versions are affected by CVE-2023-6062?
Nessus versions up to 10.5.7 and versions between 10.6.0 and 10.6.3 are affected by CVE-2023-6062.
How can I fix CVE-2023-6062?
To fix CVE-2023-6062, update Nessus to a version that is not affected by the vulnerability.
- collector/mitre-cve
- collector/nvd-api
- agent/author
- agent/description
- agent/epss
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- agent/weakness
- collector/epss-latest
- source/FIRST
- vendor/tenable
- canonical/tenable nessus
- version/tenable nessus/10.6.0