Sécurité et conformité
DEVO-2023-0014
Résumé
Devolutions Server is affected by a security vulnerability.
Produits affectés
Devolutions Server 2023.1.8 and earlier
Journal des modifications
Initial publication - 2023-06-20
Sévérité
Medium
Produit
Devolutions Server
Version corrigée
2023.2
Improper deletion of resource in the user management feature
Description
Improper deletion of resource in the user management feature in Devolutions Server 2023.1.8 and earlier allows an administrator to view users vaults of deleted users via database access.
Mesures correctives et solutions de contournement
Upgrade to Devolutions Server 2023.2.1 and higher
Sévérité
Medium - CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N 4.2
Produits affectés
Devolutions Server 2023.1.8 and earlier
CVE(s)
CVE-2023-2400