Back to search
CVE-2022-33757
Published: Oct 24, 2022
Modified: May 7, 2025
PUBLISHED
Description
An authenticated attacker could read Nessus Debug Log file attachments from the web UI without having the correct privileges to do so. This may lead to the disclosure of information on the scan target and/or the Nessus scan to unauthorized parties able to reach the Nessus instance.
| Vendor | Product | Versions |
|---|---|---|
Tenable, Inc. | Tenable Nessus | affected 0 - < 10.2.0 |
References
https://www.tenable.com/security/tns-2022-11
vendor-advisory
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now