CVE-2023-5358

Improper access control in Report log filters feature in Devolutions Server 2023.2.10.0 and earlier allows attackers to retrieve logs from vaults or entries they are not allowed to access via the report request url query parameters...

CVE-2023-5358

CVE-2023-5358 affects Devolutions Server (versions ≤ 2023.2.10.0). The issue is an improper access control in the Report log filters feature, which allows an attacker to retrieve logs from vaults or entries beyond their permissions via the report request URL query parameters. The public documenta...

CVE-2023-5358

Improper access control in Report log filters feature in Devolutions Server 2023.2.10.0 and earlier allows attackers to retrieve logs from vaults or entries they are not allowed to access via the report request url query parameters...

CVE-2023-5358

Improper access control in Report log filters feature in Devolutions Server 2023.2.10.0 and earlier allows attackers to retrieve logs from vaults or entries they are not allowed to access via the report request url query parameters...

PT-2023-32069 · Devolutions · Devolutions Server

Name of the Vulnerable Software and Affected Versions: Devolutions Server versions 2023.2.10.0 and earlier Description: The issue is related to improper access control in the Report log filters feature, allowing attackers to retrieve logs from vaults or entries they are not allowed to access. Thi...

CVE-2023-5575

Improper access control in the permission inheritance in Devolutions Server 2022.3.13.0 and earlier allows an attacker that compromised a low privileged user to access entries via a specific combination of permissions in the entry and in its parent...

Improper access control

Improper access control in the permission inheritance in Devolutions Server 2022.3.13.0 and earlier allows an attacker that compromised a low privileged user to access entries via a specific combination of permissions in the entry and in its parent...

CVE-2023-5575

Devolutions Server CVE-2023-5575 affects versions 2022.3.13.0 and earlier. The issue is improper access control in permission inheritance, enabling a low-privileged, compromised user to access entries via a specific combination of permissions on the entry and its parent. Remediation is to update ...

CVE-2023-5575

Improper access control in the permission inheritance in Devolutions Server 2022.3.13.0 and earlier allows an attacker that compromised a low privileged user to access entries via a specific combination of permissions in the entry and in its parent...

CVE-2023-5575

Improper access control in the permission inheritance in Devolutions Server 2022.3.13.0 and earlier allows an attacker that compromised a low privileged user to access entries via a specific combination of permissions in the entry and in its parent...

PT-2023-32187 · Devolutions · Devolutions Server

Name of the Vulnerable Software and Affected Versions: Devolutions Server versions 2022.3.13.0 and earlier Description: The issue is related to improper access control in permission inheritance, allowing an attacker who has compromised a low-privileged user to access entries through a specific...

CVE-2023-5240

Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and ealier allows an attack with permission to manage PAM propagation scripts to retrieve passwords stored in it via a GET request...

CVE-2023-5240

Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and ealier allows an attack with permission to manage PAM propagation scripts to retrieve passwords stored in it via a GET request...

Improper access control

Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and ealier allows an attack with permission to manage PAM propagation scripts to retrieve passwords stored in it via a GET request...

CVE-2023-5240

CVE-2023-5240 concerns Devolutions Server (versions 2023.2.8.0 and earlier) with improper access control in PAM propagation scripts. The root cause, per Red Hat and other sources, is that an attacker with permission to manage PAM propagation scripts can retrieve passwords stored in those scripts ...

CVE-2023-5240

Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and ealier allows an attack with permission to manage PAM propagation scripts to retrieve passwords stored in it via a GET request...

CVE-2023-2400

Improper deletion of resource in the user management feature in Devolutions Server 2023.1.8 and earlier allows an administrator to view users vaults of deleted users via database access...

CVE-2023-2400

Improper deletion of resource in the user management feature in Devolutions Server 2023.1.8 and earlier allows an administrator to view users vaults of deleted users via database access...

CVE-2023-2400

Summary: CVE-2023-2400 affects Devolutions Server 2023.1.8 and earlier. The vulnerability stems from an improper deletion of resources in the user management feature, which allows an administrator to view the vaults of deleted users via database access. Affected software/area: Devolutions Server,...

CVE-2023-2400

Improper deletion of resource in the user management feature in Devolutions Server 2023.1.8 and earlier allows an administrator to view users vaults of deleted users via database access...