Tenable · Nessus · CVE-2023-3251
**Name of the Vulnerable Software and Affected Versions**
Nessus versions prior to 10.6.0
**Description**
A pass-back vulnerability exists where an authenticated, remote attacker with administrator privileges could uncover stored SMTP credentials within the Nessus application.
**Recommendations**
For versions prior to 10.6.0, update to version 10.6.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the Nessus application to minimize the risk of exploitation.