Insecure Access Control in Devolutions Server 2022.3.12 and Below: Unauthorized Access to Secure Messages

Insecure Access Control in Devolutions Server 2022.3.12 and Below: Unauthorized Access to Secure Messages

CVE-2023-1201 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Improper access control in the secure messages feature in Devolutions Server 2022.3.12 and below allows an authenticated attacker that possesses the message UUID to access the data it contains.

Learn more about our Cis Benchmark Audit For Server Software.