Privilege Escalation Vulnerability in Windows and Linux Hosting Product from Vendor
CVE-2023-5847

7.3HIGH

Key Information:

Vendor: Tenable
Status: Nessus; Nessus Agent
Vendor: CVE Published:; 1 November 2023

What is CVE-2023-5847?

A privilege escalation vulnerability exists that enables low privileged attackers to exploit specific conditions to load a carefully crafted file during the installation or upgrade process. This could allow unauthorized access to escalate privileges on both Windows and Linux hosting environments, potentially leading to further compromises and data breaches. It is crucial for administrators to review their installations and apply necessary patches to mitigate the risks associated with this vulnerability.

Affected Version(s)

Nessus Agent Windows 0

Nessus Windows 0

References

https://www.tenable.com/security/tns-2023-37

https://www.tenable.com/security/tns-2023-38

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 1, 2023
Vulnerability Reserved
Oct 30, 2023

Tenable

What is CVE-2023-5847?

Affected Version(s)

References

CVSS V3.1

Timeline