CVE-2017-6543 : Security Advisory and Response

A vulnerability in Tenable Nessus versions prior to 6.10.2 allowed an authenticated attacker to upload a manipulated file, potentially leading to unauthorized writing of files on the system.

Understanding CVE-2017-6543

This CVE involves a flaw in Tenable Nessus that could result in elevated privileges on Windows systems.

What is CVE-2017-6543?

The vulnerability in Tenable Nessus versions before 6.10.2 allowed authenticated attackers to upload a manipulated file, potentially leading to unauthorized writing of files on the system.

The Impact of CVE-2017-6543

Exploitation of this vulnerability, limited to Windows installations, could result in the acquisition of elevated privileges on the system, especially after a system reboot.

Technical Details of CVE-2017-6543

This section provides more technical insights into the vulnerability.

Vulnerability Description

Tenable Nessus versions prior to 6.10.2 (used independently or in Tenable Appliance versions prior to 4.5.0) contained a flaw that enabled an authenticated attacker to remotely upload a manipulated file, potentially leading to unauthorized writing of files on the system.

Affected Systems and Versions

Tenable Nessus versions before 6.10.2
Tenable Appliance versions before 4.5.0

Exploitation Mechanism

The vulnerability allowed an authenticated attacker to upload a manipulated file, potentially resulting in unauthorized writing of files on the system, specifically affecting Windows installations.

Mitigation and Prevention

To address CVE-2017-6543, follow these mitigation strategies:

Immediate Steps to Take

Update Tenable Nessus to version 6.10.2 or later
Update Tenable Appliance to version 4.5.0 or later
Monitor system for any unauthorized file uploads

Long-Term Security Practices

Regularly review and update security configurations
Conduct security training for system users

Patching and Updates

Apply patches and updates promptly to mitigate known vulnerabilities