Arbitrary File Overwrite Vulnerability in Nessus on Windows Platforms
CVE-2019-3974

8.1HIGH

Key Information:

Vendor: Tenable
Status: Tenable Nessus
Vendor: CVE Published:; 15 August 2019

What is CVE-2019-3974?

Nessus versions 8.5.2 and earlier on Windows platforms are susceptible to an arbitrary file overwrite vulnerability. This flaw allows attackers to overwrite certain system files, potentially leading to a denial of service condition. It is crucial for users and administrators to update to a patched version to mitigate the associated risks. For more information, visit the provided reference.

Affected Version(s)

Tenable Nessus All versions prior to 8.6.0

References

https://www.tenable.com/security/tns-2019-05

x_refsource_MISC

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 15, 2019
Vulnerability Reserved
Jan 3, 2019