Entry Permission Bypass via ID Collision in Devolutions Server 2022.3.13 and Prior Versions

Entry Permission Bypass via ID Collision in Devolutions Server 2022.3.13 and Prior Versions

CVE-2023-1603 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Permission bypass when importing or synchronizing entries in User vault in Devolutions Server 2022.3.13 and prior versions allows users with restricted rights to bypass entry permission via id collision.

Learn more about our Cis Benchmark Audit For Server Software.