The Federal Office for Information Security (BSI) warns of critical 9.8 vulnerabilities in Nessus, the vulnerability scanner, which can check not only known vulnerabilities but also software patch levels and configurations. According to Tenable, a quick update is recommended.
According to Tenable, the makers of the Nessus Network Monitor vulnerability scanner, the platform uses third-party software to provide certain functionality. Now, the company has discovered that several third-party components have many highly dangerous and even critical vulnerabilities. Therefore, the providers have made an updated version available.
Fix 174 vulnerabilities with one version
The Tenable list lists a total of 174 vulnerabilities in the Nessus scanner. If a company does not use all functions, it does not affect all warnings. The type of vulnerabilities sorted by their CVSS v3 base scores, where 10.0 would be the highest score.
- 19 critical vulnerabilities (17 with 9.8 CVSS v3)
- 68 high-risk vulnerabilities
- 83 medium-risk vulnerabilities
- 4 low vulnerabilities
Fast update to Nessus Network Monitor 6.2.2
Tenable released Nessus Network Monitor 6.2.2 to fix all of these issues. The Installation files can be downloaded from the Tenable Downloads Portal be obtained.
More at Tenable.com