1219 matches found
CVE-2023-1201
Improper access control in the secure messages feature in Devolutions Server 2022.3.12 and below allows an authenticated attacker that possesses the message UUID to access the data it contains...
CVE-2023-1201
CVE-2023-1201 affects Devolutions Server 2022.3.12 and earlier, with an improper access control issue in the secure messages feature. An authenticated attacker who possesses the message UUID can access the data contained in that message, per multiple sources. The CVSSv3.1 base score is 6.5 (Mediu...
CVE-2023-1201
Improper access control in the secure messages feature in Devolutions Server 2022.3.12 and below allows an authenticated attacker that possesses the message UUID to access the data it contains...
CVE-2023-1203
Improper removal of sensitive data in the entry edit feature of Hub Business submodule in Devolutions Remote Desktop Manager PowerShell Module 2022.3.1.5 and earlier allows an authenticated user to access sensitive data on entries that were edited using the affected submodule...
CVE-2023-1203
Improper removal of sensitive data in the entry edit feature of Hub Business submodule in Devolutions Remote Desktop Manager PowerShell Module 2022.3.1.5 and earlier allows an authenticated user to access sensitive data on entries that were edited using the affected submodule...
CVE-2023-1203
CVE-2023-1203 affects Devolutions Remote Desktop Manager PowerShell Module, Hub Business submodule. The vulnerability stems from improper removal of sensitive data during entry edits, allowing an authenticated user to access sensitive data on entries edited with the affected submodule. Affected v...
PT-2023-16818 · Devolutions · Devolutions Remote Desktop Manager Powershell Module
Name of the Vulnerable Software and Affected Versions: Devolutions Remote Desktop Manager PowerShell Module versions 2022.3.1.5 and earlier Description: The issue is related to the improper removal of sensitive data in the entry edit feature of the Hub Business submodule. This allows an...
PT-2023-16816 · Devolutions · Devolutions Server
Name of the Vulnerable Software and Affected Versions: Devolutions Server versions 2022.3.12 and below Description: The issue concerns improper access control in the secure messages feature, allowing an authenticated attacker with the message UUID to access the contained data. Recommendations: Fo...
CVE-2023-0952
Improper access controls on entries in Devolutions Server 2022.3.12 and earlier could allow an authenticated user to access sensitive data without proper authorization...
CVE-2023-0953
Insufficient input sanitization in the documentation feature of Devolutions Server 2022.3.12 and earlier allows an authenticated attacker to perform an SQL Injection, potentially resulting in unauthorized access to system resources...
CVE-2023-0951
Improper access controls on some API endpoints in Devolutions Server 2022.3.12 and earlier could allow a standard privileged user to perform privileged actions...
CVE-2023-0953
Insufficient input sanitization in the documentation feature of Devolutions Server 2022.3.12 and earlier allows an authenticated attacker to perform an SQL Injection, potentially resulting in unauthorized access to system resources...
CVE-2023-0951
Improper access controls on some API endpoints in Devolutions Server 2022.3.12 and earlier could allow a standard privileged user to perform privileged actions...
CVE-2023-0952
Improper access controls on entries in Devolutions Server 2022.3.12 and earlier could allow an authenticated user to access sensitive data without proper authorization...
Sql injection
Insufficient input sanitization in the documentation feature of Devolutions Server 2022.3.12 and earlier allows an authenticated attacker to perform an SQL Injection, potentially resulting in unauthorized access to system resources...
Improper access control
Improper access controls on some API endpoints in Devolutions Server 2022.3.12 and earlier could allow a standard privileged user to perform privileged actions...
Improper access control
Improper access controls on entries in Devolutions Server 2022.3.12 and earlier could allow an authenticated user to access sensitive data without proper authorization...
Devolutions Server 安全漏洞
Devolutions Server is an application from Devolutions Canada. provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2022.3.12 and prior versions that stems from improper access control on certain API endpoints. An...
Devolutions Server 安全漏洞
Devolutions Server is an application from Devolutions Canada. provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2022.3.12 and prior versions that stems from improper access control. An attacker could exploit the...
Devolutions Server SQL注入漏洞
Devolutions Server is an application from Devolutions Canada. provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2022.3.12 and prior versions, which stems from insufficient cleanup of inputs in the document...