CVE-2022-32973

Description

An authenticated attacker could create an audit file that bypasses PowerShell cmdlet checks and executes commands with administrator privileges.

Base Score

8.8

MODERATE

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

0.521

Vulnerability	OS Platform
Vulnerabilities CVE-2022-32973,CVE-2022-32974 are affected in Nessus Agent (x64) 10.1.9	Windows
Vulnerabilities CVE-2022-32973,CVE-2022-32974,CVE-2022-33757,CVE-2023-0101 are affected in Nessus Agent (x64) 8.15.3	Windows
Vulnerabilities CVE-2022-32973,CVE-2022-32974 are affected in Nessus Agent 10.1.9	Windows
Vulnerabilities CVE-2022-32973,CVE-2022-32974,CVE-2022-33757,CVE-2023-0101 are affected in Nessus Agent 8.15.3	Windows
Vulnerabilities CVE-2022-32973,CVE-2022-32974 are fixed in Nessus Agent 8.3.4	Windows
Vulnerabilities CVE-2022-32973,CVE-2022-32974 are fixed in Nessus Agent (10.1.4.20122)	Windows
Vulnerabilities CVE-2022-32973,CVE-2022-32974 are fixed in Nessus Agent (x64) (10.1.4.20122)	Windows
Vulnerabilities CVE-2022-32974,CVE-2022-32973 are fixed in Nessus 8.15.6	Windows
Multiple vulnerabilities are fixed in Nessus Agent (x64) (10.2.0.20130)	Windows
Multiple vulnerabilities are fixed in Nessus Agent (10.2.0.20130)	Windows
Vulnerabilities CVE-2022-32974,CVE-2022-32973 are fixed in Tenable Nessus 8.15.6	Windows
Multiple vulnerabilities are fixed in Tenable Nessus 10.2.0	Windows

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-343100	Nessus Agent (x64) (10.8.0)
PATCH-343100	Nessus Agent (x64) (10.8.0)
PATCH-343099	Nessus Agent (10.8.0)
PATCH-343099	Nessus Agent (10.8.0)
PATCH-337447	Nessus Agent (10.6.1)
PATCH-337447	Nessus Agent (10.6.1)
PATCH-337448	Nessus Agent (x64) (10.6.1)
PATCH-346982	Nessus Agent (x64) (10.8.4) (Manual Upload Required)
PATCH-346981	Nessus Agent (10.8.4) (Manual Upload Required)