First published: Tue Jun 20 2023(Updated: )
Improper deletion of resource in the user management feature in Devolutions Server 2023.1.8 and earlier allows an administrator to view users vaults of deleted users via database access.
Credit: security@devolutions.net security@devolutions.net
Affected Software | Affected Version | How to fix |
---|---|---|
Devolutions Devolutions Server | <2023.2.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-2400 is a vulnerability that allows an administrator to view users' vaults of deleted users via database access in Devolutions Server 2023.1.8 and earlier.
CVE-2023-2400 has a severity rating of low with a value of 2.7.
CVE-2023-2400 affects Devolutions Server 2023.1.8 and earlier, allowing an administrator to view users' vaults of deleted users via database access.
To fix CVE-2023-2400 in Devolutions Server, you should upgrade to version 2023.2.1 or a later version.
More information about CVE-2023-2400 can be found at the following link: [https://devolutions.net/security/advisories/DEVO-2023-0014](https://devolutions.net/security/advisories/DEVO-2023-0014)