CVE-2023-1603

CVSS 6.5 MEDIUMEPSS 0.6%CWE-863

Permission bypass when importing or synchronizing entries in User vault in Devolutions Server 2022.3.13 and prior versions allows users with restricted rights to bypass entry permission via id collision.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Produtos afetados

Devolutions · Server

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://devolutions.net/security/advisories/DEVO-2023-0008