CVE-2022-4313

A vulnerability was reported where through modifying the scan variables, an authenticated user in Tenable products, that has Scan Policy Configuration roles, could manipulate audit policy variables to execute arbitrary commands on credentialed scan targets.

Published: Mar 16, 2023
Updated: Apr 14, 2023
CVE: CVE-2022-4313
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
tenable / nessus	-	10.4.2
tenable / plugin_feed	-	202212081952

https://www.tenable.com/security/tns-2023-14

Vulnerability Database

289,599

CVE-2022-4313