Assigner | tenable |
Reserved | 2024-04-03 |
Published | 2024-05-17 |
Updated | 2024-06-06 |
Description
A race condition vulnerability exists where an authenticated, local attacker on a Windows Nessus Agent host could modify installation parameters at installation time, which could lead to the execution of arbitrary code on the Nessus host. - CVE-2024-3292
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H |
Problem types
CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition
Product status
Any version before 10.6.4
References
https://www.tenable.com/security/tns-2024-09