Nessus · Nessus · CVE-2022-33757
**Name of the Vulnerable Software and Affected Versions**
Nessus (affected versions not specified)
**Description**
The issue is related to insufficient access control in the Nessus web interface, allowing an authenticated attacker to read Nessus Debug Log file attachments without proper privileges. This could lead to the disclosure of information on the scan target and/or the Nessus scan to unauthorized parties who can access the Nessus instance.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.