CVE-2020-5774
Description
Nessus versions 8.11.0 and earlier were found to maintain sessions longer than the permitted period in certain scenarios. The lack of proper session expiration could allow attackers with local access to login into an existing browser session.
Risk Information
Base Score
7.1
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS Score
Exploitation Probability
0.044
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2020-5774 are affected in Nessus Agent (x64) 8.11.0 | Windows |
| Vulnerabilities CVE-2020-5774 are affected in Nessus Agent 8.11.0 | Windows |
| Vulnerabilities CVE-2020-5774 are fixed in Nessus 8.11.1 | Windows |
| Vulnerabilities CVE-2020-5774 are fixed in Tenable Nessus 8.11.1 | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-343100 | Nessus Agent (x64) (10.8.0) |
| PATCH-343099 | Nessus Agent (10.8.0) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234