Nessus versions 8.11.0 and earlier were found to maintain sessions longer than the permitted period in certain scenarios. The lack of proper session expiration could allow attackers with local access to login into an existing browser session.
References
Link | Resource |
---|---|
https://www.tenable.com/security/tns-2020-06 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: tenable
Published: 2020-08-21T12:23:40
Updated: 2020-08-21T12:23:40
Reserved: 2020-01-06T00:00:00
Link: CVE-2020-5774
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-08-21T13:15:14.333
Modified: 2020-08-28T18:53:20.250
Link: CVE-2020-5774
JSON object: View
Redhat Information
No data.
CWE