First published: Wed Feb 22 2023(Updated: )
Improper access controls on entries in Devolutions Server 2022.3.12 and earlier could allow an authenticated user to access sensitive data without proper authorization.
Credit: security@devolutions.net
Affected Software | Affected Version | How to fix |
---|---|---|
Devolutions Devolutions Server | <=2022.3.12 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-0952 is a vulnerability in Devolutions Server 2022.3.12 and earlier that allows an authenticated user to access sensitive data without proper authorization.
CVE-2023-0952 has a severity rating of 6.5, which is considered medium.
An authenticated user can exploit CVE-2023-0952 by improperly accessing entries in Devolutions Server 2022.3.12 and earlier, allowing them to access sensitive data without proper authorization.
To fix CVE-2023-0952, users should update to a version of Devolutions Server that is not affected by the vulnerability.
More information about CVE-2023-0952 can be found in the security advisory published by Devolutions at https://devolutions.net/security/advisories/DEVO-2023-0003.