Potential exposure to XZ Utils SSH Backdoor (CVE-2024-3094)

critical Nessus Plugin ID 192708

Language:

Version 1.21 Jul 6, 2024, 12:22 AM Detection (Changes to support Juniper Session Smart Router) Plugin Feed: 202407060022
Version 1.20 Jul 5, 2024, 9:04 PM Detection (Adding detection of Juniper SSR devices) Plugin Feed: 202407052104
Version 1.19 Jun 27, 2024, 9:09 PM New (Deploy nessus_utils binaries on the Nessus Agent) Plugin Feed: 202406272109
Version 1.16 Jun 21, 2024, 6:31 PM Detection (updated detection for SonicOS devices) Plugin Feed: 202406211831
Version 1.15 Jun 21, 2024, 2:16 PM Logic Changes Plugin Feed: 202406211416
Version 1.14 Jun 14, 2024, 7:07 PM Logic Changes (added additional check for command failures.) Plugin Feed: 202406141907
Version 1.12 Jun 7, 2024, 12:28 PM IAVM reference STIG Severity Plugin Feed: 202406071228
Version 1.10 May 20, 2024, 10:13 AM Logic Changes Plugin Feed: 202405201013
Version 1.9 May 9, 2024, 6:10 PM New Plugin Feed: 202405091810
Version 1.6 Apr 3, 2024, 1:48 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:H/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:H/RL:O/RC:C") Exploit attributes ("Exploited by malware" set to "True") Plugin Feed: 202404031348
Version 1.5 Apr 2, 2024, 10:16 PM Detection (added alternative commands for IOC detection) Plugin Feed: 202404022216
Version 1.3 Apr 1, 2024, 3:13 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") Exploit attributes ("Exploit available" set to "True". "Exploitability ease" set to "Exploits are available") Plugin Feed: 202404011513
Version 1.2 Mar 31, 2024, 9:46 PM Detection (tightening of the check for return conditions from the hexdump command) Plugin Feed: 202403312146
Version 1.1 Mar 30, 2024, 4:20 PM New Plugin Feed: 202403301620
Version 1.0 Mar 30, 2024, 1:01 AM New Plugin Feed: 202403300101

* Changelogs are generally available for changes made after Nov 1, 2022