CVE-2020-5774

Summary

Nessus versions 8.11.0 and earlier were found to maintain sessions longer than the permitted period in certain scenarios. The lack of proper session expiration could allow attackers with local access to login into an existing browser session.

Affected Software

VendorProductVersion RangeStatus
n/aTenable Nessus< 8.11.1affected

Weaknesses

  • Insufficient Session Expiration

ADP Enrichment

CVE Program Container

Additional References

References