CVE-2021-20099 — Vulnetix

CVE-2021-20099 PUBLISHED CVSS 6.699999809265137 MEDIUM

Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows executables as the Nessus host. This is different than CVE-2021-20100.

EPSS 0.06% · 19.8th percentile

Risk Scores

CVSS 3.1

6.699999809265137

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS Score

0.06%

19.8th percentile

Affected Products

Vendor	Product	Versions
n/a	Nessus Agent	Nessus Agent 8.2.4 and earlier
tenable	nessus	0

Exploit Intelligence

https://www.tenable.com/security/tns-2021-12 (circl)

Timeline

Jun 28, 2021 CVE Published
Jun 29, 2021 EPSS Score
Jul 2, 2021 EPSS Score
Aug 28, 2021 EPSS Score
Dec 27, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Feb 25, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Apr 26, 2022 EPSS Score
Aug 25, 2022 EPSS Score
Oct 24, 2022 EPSS Score

References

https://www.tenable.com/security/tns-2021-11 advisory
https://www.tenable.com/security/tns-2021-12 advisory
https://nvd.nist.gov/vuln/detail/CVE-2021-20099 advisory

Open in Interactive Console →