Test ID:	1.3.6.1.4.1.25623.1.0.118414
Category:	General
Title:	Tenable Nessus Agent < 10.2.1 Multiple Vulnerabilities (TNS-2022-22)
Summary:	Tenable Nessus Agent is prone to multiple vulnerabilities.
Description:	Summary: Tenable Nessus Agent is prone to multiple vulnerabilities. Vulnerability Insight: Nessus Agent leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers. Nessus Agent 10.2.1 updates OpenSSL to version 3.0.7 to address the identified vulnerabilities. Affected Software/OS: Tenable Nessus Agent prior to version 10.2.1. Solution: Update to version 10.2.1 or later. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2022-3602 20221028 Vulnerabilities in OpenSSL Affecting Cisco Products: November 2022 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a FEDORA-2022-0f1d2e0537 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/ FEDORA-2022-502f096dce https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/ GLSA-202211-01 https://security.gentoo.org/glsa/202211-01 VU#794340 https://www.kb.cert.org/vuls/id/794340 [oss-security] 20221101 OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786) http://www.openwall.com/lists/oss-security/2022/11/01/15 [oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786) http://www.openwall.com/lists/oss-security/2022/11/01/16 http://www.openwall.com/lists/oss-security/2022/11/01/18 http://www.openwall.com/lists/oss-security/2022/11/01/19 http://www.openwall.com/lists/oss-security/2022/11/01/20 http://www.openwall.com/lists/oss-security/2022/11/01/21 http://www.openwall.com/lists/oss-security/2022/11/01/24 http://www.openwall.com/lists/oss-security/2022/11/02/1 http://www.openwall.com/lists/oss-security/2022/11/02/2 http://www.openwall.com/lists/oss-security/2022/11/02/3 [oss-security] 20221102 Re: Fwd: Node.js security updates for all active release lines, November 2022 http://www.openwall.com/lists/oss-security/2022/11/02/10 [oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786) http://www.openwall.com/lists/oss-security/2022/11/01/17 http://www.openwall.com/lists/oss-security/2022/11/02/11 http://www.openwall.com/lists/oss-security/2022/11/02/13 http://www.openwall.com/lists/oss-security/2022/11/02/15 http://www.openwall.com/lists/oss-security/2022/11/02/5 http://www.openwall.com/lists/oss-security/2022/11/02/6 http://www.openwall.com/lists/oss-security/2022/11/02/7 http://www.openwall.com/lists/oss-security/2022/11/03/1 http://www.openwall.com/lists/oss-security/2022/11/03/2 [oss-security] 20221102 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786) http://www.openwall.com/lists/oss-security/2022/11/02/12 http://www.openwall.com/lists/oss-security/2022/11/02/14 http://www.openwall.com/lists/oss-security/2022/11/02/9 [oss-security] 20221103 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786) http://www.openwall.com/lists/oss-security/2022/11/03/10 http://www.openwall.com/lists/oss-security/2022/11/03/11 http://www.openwall.com/lists/oss-security/2022/11/03/5 [oss-security] 20221103 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786) http://www.openwall.com/lists/oss-security/2022/11/03/3 http://www.openwall.com/lists/oss-security/2022/11/03/6 http://www.openwall.com/lists/oss-security/2022/11/03/7 http://www.openwall.com/lists/oss-security/2022/11/03/9 http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fe3b639dc19b325846f4f6801f2f4604f56e3de3 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023 https://security.netapp.com/advisory/ntap-20221102-0001/ https://www.openssl.org/news/secadv/20221101.txt Common Vulnerability Exposure (CVE) ID: CVE-2022-3786 3.0.7 git commit https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a OpenSSL Advisory
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.