Language:
Severity: Critical
ID: 165276
File Name: nutanix_NXSA-AOS-5_20_3_5.nasl
Version: 1.20
Type: local
Family: Misc.
Published: 9/21/2022
Updated: 5/30/2024
Supported Sensors: Nessus
Risk Factor: Critical
Score: 9.8
Risk Factor: High
Base Score: 9
Temporal Score: 7.8
Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C
CVSS Score Source: CVE-2022-23307
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 9.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C
CVSS Score Source: CVE-2022-23305
CPE: cpe:/o:nutanix:aos
Required KB Items: Host/Nutanix/Data/lts, Host/Nutanix/Data/Service, Host/Nutanix/Data/Version, Host/Nutanix/Data/arch
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 9/19/2022
Vulnerability Publication Date: 12/20/2019
CISA Known Exploited Vulnerability Due Dates: 7/18/2022
CANVAS (CANVAS)
Core Impact
Metasploit (Local Privilege Escalation in polkits pkexec)
CVE: CVE-2019-17571, CVE-2020-25704, CVE-2020-36322, CVE-2020-9484, CVE-2020-9488, CVE-2021-26691, CVE-2021-34798, CVE-2021-39275, CVE-2021-4034, CVE-2021-42739, CVE-2021-44790, CVE-2021-45105, CVE-2021-45417, CVE-2022-21248, CVE-2022-21277, CVE-2022-21282, CVE-2022-21283, CVE-2022-21291, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21349, CVE-2022-21360, CVE-2022-21365, CVE-2022-21366, CVE-2022-23181, CVE-2022-23302, CVE-2022-23305, CVE-2022-23307