Vulnerability Description
Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts.
CVSS Score
6.7
MEDIUM
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tenable | Nessus | < 10.6.2 |
| Tenable | Nessus Agent | < 10.4.3 |
| Linux | Linux Kernel | - |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://www.tenable.com/security/tns-2023-37Vendor Advisory
- https://www.tenable.com/security/tns-2023-38Vendor Advisory
- https://www.tenable.com/security/tns-2023-37Vendor Advisory
- https://www.tenable.com/security/tns-2023-38Vendor Advisory
FAQ
What is CVE-2023-5847?
CVE-2023-5847 is a vulnerability with a CVSS score of 6.7 (MEDIUM). Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts.
How severe is CVE-2023-5847?
CVE-2023-5847 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-5847?
Check the references section above for vendor advisories and patch information. Affected products include: Tenable Nessus, Tenable Nessus Agent, Linux Linux Kernel, Microsoft Windows.