When installing Nessus to a directory outside of the default location, Nessus versions prior to 7.0.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the installation location.
References
Link | Resource |
---|---|
https://www.tenable.com/security/tns-2018-01 | Vendor Advisory |
http://www.securitytracker.com/id/1040557 | Third Party Advisory VDB Entry |
Configurations
Information
Published : 2018-03-20 11:29
Updated : 2019-10-02 17:03
NVD link : CVE-2018-1141
Mitre link : CVE-2018-1141
JSON object : View
CWE
CWE-732
Incorrect Permission Assignment for Critical Resource
Products Affected
tenable
- nessus