Security & Compliance
DEVO-2023-0014
Zusammenfassung
Devolutions Server is affected by a security vulnerability.
Betroffene Produkte
Devolutions Server 2023.1.8 and earlier
Änderungsprotokoll
Initial publication - 2023-06-20
Schweregrad
Medium
Produkt
Devolutions Server
Behobene Version
2023.2
Improper deletion of resource in the user management feature
Beschreibung
Improper deletion of resource in the user management feature in Devolutions Server 2023.1.8 and earlier allows an administrator to view users vaults of deleted users via database access.
Behebungen und Workarounds
Upgrade to Devolutions Server 2023.2.1 and higher
Schweregrad
Medium - CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N 4.2
Betroffene Produkte
Devolutions Server 2023.1.8 and earlier
CVE(s)
CVE-2023-2400