SB2021031901 - Multiple vulnerabilities in Tenable Nessus Agent

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2021031901

SB2021031901 - Multiple vulnerabilities in Tenable Nessus Agent

Published: March 19, 2021 Updated: June 3, 2022

Security Bulletin ID SB2021031901
Severity
Medium
Patch available
YES
Number of vulnerabilities 3
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Medium 67% Low 33%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 3 secuirty vulnerabilities.


1) Input validation error (CVE-ID: CVE-2021-23840)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input during EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate calls. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.


2) NULL pointer dereference (CVE-ID: CVE-2021-23841)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the X509_issuer_and_serial_hash() function when parsing the issuer field in the X509 certificate. A remote attacker can supply a specially crafted certificate, trigger a NULL pointer dereference error and perform a denial of service (DoS) attack.


3) Information disclosure (CVE-ID: CVE-2021-20077)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to Nessus Agent inadvertently captures the IAM role security token on the local host during initial linking of the Nessus Agent when installed on an Amazon EC2 instance. A local privileged user can obtain the token.


Remediation

Install update from vendor's website.

References