Back to search
CVE-2021-20077
Published: Mar 19, 2021
Modified: Aug 3, 2024
PUBLISHED
Description
Nessus Agent versions 7.2.0 through 8.2.2 were found to inadvertently capture the IAM role security token on the local host during initial linking of the Nessus Agent when installed on an Amazon EC2 instance. This could allow a privileged attacker to obtain the token.
| Vendor | Product | Versions |
|---|---|---|
n/a | Tenable Nessus Agent | affected 7.2.0 through 8.2.2 |
References
https://www.tenable.com/security/tns-2021-04-0
x_refsource_MISC
https://www.tenable.com/security/tns-2021-07
x_refsource_MISC
https://www.tenable.com/security/tns-2021-04-0
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now