Detections
Analytics
Eyes Of Network Privilege Escalation Vulnerability (CVE-2020-8655)
high Nessus Plugin ID 176053
Language:
Synopsis
The Eyes Of Network instance on the remote host is affected by a privilege escalation vulnerabilityDescription
An issue was discovered in EyesOfNetwork 5.3. The sudoers configuration is prone to a privilege escalation vulnerability, allowing the apache user to run arbitrary commands as root via nmap.Solution
https://github.com/EyesOfNetworkCommunity/eonconf/issues/8See Also
Plugin Details
Severity: High
ID: 176053
File Name: eon_cve-2020-8655.nbin
Version: 1.39
Type: local
Family: Misc.
Published: 5/18/2023
Updated: 3/19/2024
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 7.7
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2020-8655
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:eyesofnetwork:eyesofnetwork
Required KB Items: Host/local_checks_enabled, installed_sw/Eyes Of Network
Exploit Available: true
Exploit Ease: Exploits are available
Vulnerability Publication Date: 10/14/2020
CISA Known Exploited Vulnerability Due Dates: 5/3/2022
Exploitable With
Metasploit (EyesOfNetwork 5.1-5.3 AutoDiscovery Target Command Execution)
Reference Information
CVE: CVE-2020-8655