CVE-2026-12117
CVE-2026-12117
Improper access control in the social login connection endpoint in
Devolutions Server 2026.2.5 allows an authenticated vault member to
enumerate social login entry metadata to which they are not authorized
via a crafted API request.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Productos afectados
Devolutions · Devolutions Server¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →