Target Access Problems by Authentication Protocol - Maximum Privilege Account Used in Scan

info Nessus Plugin ID 150799
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

Nessus scanned the target host with the highest available privilege level. Yet Nessus encountered permissions issues while accessing one or more items during the scan.

Description

Nessus was able to log in to the remote host using the provided credentials. The provided credentials have the highest privilege possible on the remote host. Yet Nessus encountered permissions issues while accessing items during the scan.

It is likely that this condition is caused by one or more of the following:

1) A plugin tried to access a resource that requires a special privilege level such as NT_AUTHORITY on Windows. The resource may have had its permissions altered since the plugin was written.
2) Environmental issues may have caused an intermittent failure in authentication that caused Nessus to stop attempting privilege escalation.
3) A resource on the host that Nessus attempts to access multiple times may be configured with access limits. Related lockouts may look like permissions failures.
4) Nessus may have tried to access a resource that does not exist on a target that fails to properly report permissions issues.
For instance, on some legacy unix systems such as AIX or HP-UX there is no way to distinguish a missing resource from a permissions error.

If you believe that the plugin indicated attempted to access the wrong resource or a resource that has recently received special OS protection, please contact Tenable Support.

Plugin Details

Severity: Info

ID: 150799

File Name: authenticated_superuser_permission_issues.nasl

Version: 1.2

Type: summary

Family: Settings

Published: 7/6/2021

Updated: 7/6/2021

Vulnerability Information