Arbitrary File Write
CVE-2023-6062

6.8MEDIUM

Key Information:

Vendor: Tenable
Status: Nessus
Vendor: CVE Published:; 20 November 2023

Badges

📰 News Worthy

What is CVE-2023-6062?

An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus Rules variables to overwrite arbitrary files on the remote host, which could lead to a denial of service condition.

Affected Version(s)

Nessus 0

Nessus 0 < 10.6.2

Nessus 10.5.7

News Articles

CybersecurityNews

CVE-2023-6062

Nessus Vulnerability Let Attackers Alter Rules Variables

An arbitrary file write vulnerability has been discovered in Nessus which allows an authenticated, attacker to perform a denial of service.

References

https://www.tenable.com/security/tns-2023-39

https://www.tenable.com/security/tns-2023-40

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

📰
First article discovered by CybersecurityNews
Nov 21, 2023
Vulnerability published
Nov 20, 2023
Vulnerability Reserved
Nov 9, 2023

Tenable

Badges

What is CVE-2023-6062?

Affected Version(s)

News Articles

Nessus Vulnerability Let Attackers Alter Rules Variables

References

CVSS V3.1

Timeline