Multiple vulnerabilities in Tenable Nessus

Published: 2023-08-29 | Updated: 2023-09-24

Risk	Low
Patch available	YES
Number of vulnerabilities	3
CVE-ID	CVE-2023-3251 CVE-2023-3252 CVE-2023-3253
CWE-ID	CWE-256 CWE-20 CWE-285
Exploitation vector	Network
Public exploit	N/A
Vulnerable software Subscribe	Tenable Nessus Client/Desktop applications / Software for system administration
Vendor	Tenable Network Security

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Unprotected storage of credentials

EUVDB-ID: #VU80112

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2023-3251

CWE-ID:

Exploit availability:

Description

The vulnerability allows a remote user to gain access to SMTP credentials.

The vulnerability exists due to the way SMTP credentials are stored within the application. A remote privileged user can uncover stored SMTP credentials.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Tenable Nessus: 10.0.0 - 10.5.4

Fixed software versions

CPE2.3

cpe:2.3:a:tenable_network_security:tenable_nessus:10.5.4:*:*:*:*:*:*:*

External links

http://www.tenable.com/security/tns-2023-29
http://www.tenable.com/security/tns-2023-31

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Input validation error

EUVDB-ID: #VU80113

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2023-3252

CWE-ID:

Exploit availability:

Description

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote privileged user can alter logging variables to overwrite arbitrary files on the remote host with log data, which could lead to a denial of service condition.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Tenable Nessus: 10.0.0 - 10.5.4

Fixed software versions

CPE2.3

cpe:2.3:a:tenable_network_security:tenable_nessus:10.5.4:*:*:*:*:*:*:*

External links

http://www.tenable.com/security/tns-2023-29
http://www.tenable.com/security/tns-2023-31

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Improper Authorization

EUVDB-ID: #VU80114

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2023-3253

CWE-ID:

Exploit availability:

Description

The vulnerability allows a remote user to gain access to sensitive information.

The vulnerability exists due to improper authorization. A remote authenticated user can view a list of all the users available in the application.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Tenable Nessus: 10.0.0 - 10.5.4

Fixed software versions

CPE2.3

cpe:2.3:a:tenable_network_security:tenable_nessus:10.5.4:*:*:*:*:*:*:*

External links

http://www.tenable.com/security/tns-2023-29
http://www.tenable.com/security/tns-2023-31

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?