CVE-2021-36382

CVSS 2.6 LOWEPSS 0.5%

Devolutions Server before 2021.1.18, and LTS before 2020.3.20, allows attackers to intercept private keys via a man-in-the-middle attack against the connections/partial endpoint (which accepts cleartext).

CVSS:3.1/AC:H/AV:A/A:N/C:L/I:N/PR:N/S:U/UI:R

Productos afectados

n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://devolutions.net/security/advisories/DEVO-2021-0005