Andreas Welcker

**Name of the Vulnerable Software and Affected Versions** Rapid7 Insight Agent versions prior to 3.1.3 **Description** The issue is related to improper access control, allowing users to access the snapshot directory. An attacker can access, read, and copy files in this directory, such as `asset info.json` or `file info.json`, leading to a loss of confidentiality. **Recommendations** For versions prior to 3.1.3, update to Rapid7 Insight Agent 3.1.3 to resolve the issue. As a temporary workaround, consider restricting access to the snapshot directory to minimize the risk of exploitation.