1219 matches found
Improper access control
Improper access control in Report log filters feature in Devolutions Server 2023.2.10.0 and earlier allows attackers to retrieve logs from vaults or entries they are not allowed to access via the report request url query parameters...
CVE-2023-5358
Improper access control in Report log filters feature in Devolutions Server 2023.2.10.0 and earlier allows attackers to retrieve logs from vaults or entries they are not allowed to access via the report request url query parameters...
CVE-2023-5358
Improper access control in Report log filters feature in Devolutions Server 2023.2.10.0 and earlier allows attackers to retrieve logs from vaults or entries they are not allowed to access via the report request url query parameters...
CVE-2023-5358
CVE-2023-5358 affects Devolutions Server (versions ≤ 2023.2.10.0). The issue is an improper access control in the Report log filters feature, which allows an attacker to retrieve logs from vaults or entries beyond their permissions via the report request URL query parameters. The public documenta...
CVE-2023-5765
Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to bypass permissions via data source switching...
CVE-2023-5765
Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to bypass permissions via data source switching...
CVE-2023-5765
The CVE-2023-5765 entry concerns Devolutions Remote Desktop Manager (Windows) with versions 2023.2.33 and earlier, where an improper access control in the password analyzer allows bypassing permissions via data source switching. Exploitation details are not provided in the documents, and the core...
Devolutions Server Security Vulnerability
Devolutions Server is an application from Devolutions Canada. It provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2023.2.10.0 and earlier, which stems from an improper access control issue in the Report log...
PT-2023-32069 · Devolutions · Devolutions Server
Name of the Vulnerable Software and Affected Versions: Devolutions Server versions 2023.2.10.0 and earlier Description: The issue is related to improper access control in the Report log filters feature, allowing attackers to retrieve logs from vaults or entries they are not allowed to access. Thi...
Devolutions Remote Desktop Manager Security Vulnerability
Devolutions Remote Desktop Manager is an application from Devolutions Canada. It provides remote desktop management functionality. A security vulnerability exists in Devolutions Remote Desktop Manager version 2023.2.33 and earlier, which stems from the presence of a remote code execution...
PT-2023-32311 · Devolutions · Devolutions Remote Desktop Manager
Name of the Vulnerable Software and Affected Versions: Devolutions Remote Desktop Manager versions 2023.2.33 and earlier Description: The issue is related to improper access control in the password analyzer feature, allowing an attacker to bypass permissions via data source switching. This can be...
CVE-2023-5575
Improper access control in the permission inheritance in Devolutions Server 2022.3.13.0 and earlier allows an attacker that compromised a low privileged user to access entries via a specific combination of permissions in the entry and in its parent...
CVE-2023-5575
Improper access control in the permission inheritance in Devolutions Server 2022.3.13.0 and earlier allows an attacker that compromised a low privileged user to access entries via a specific combination of permissions in the entry and in its parent...
Improper access control
Improper access control in the permission inheritance in Devolutions Server 2022.3.13.0 and earlier allows an attacker that compromised a low privileged user to access entries via a specific combination of permissions in the entry and in its parent...
CVE-2023-5575
Devolutions Server CVE-2023-5575 affects versions 2022.3.13.0 and earlier. The issue is improper access control in permission inheritance, enabling a low-privileged, compromised user to access entries via a specific combination of permissions on the entry and its parent. Remediation is to update ...
CVE-2023-5575
Improper access control in the permission inheritance in Devolutions Server 2022.3.13.0 and earlier allows an attacker that compromised a low privileged user to access entries via a specific combination of permissions in the entry and in its parent...
CVE-2023-5575
Improper access control in the permission inheritance in Devolutions Server 2022.3.13.0 and earlier allows an attacker that compromised a low privileged user to access entries via a specific combination of permissions in the entry and in its parent...
PT-2023-32187 · Devolutions · Devolutions Server
Name of the Vulnerable Software and Affected Versions: Devolutions Server versions 2022.3.13.0 and earlier Description: The issue is related to improper access control in permission inheritance, allowing an attacker who has compromised a low-privileged user to access entries through a specific...
Devolutions Server Security Vulnerability
Devolutions Server is an application from Devolutions Canada. provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2022.3.13.0 and prior versions, which stems from incorrect access control and allows an attacker to...
CVE-2023-5240
Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and ealier allows an attack with permission to manage PAM propagation scripts to retrieve passwords stored in it via a GET request...