Devolutions Server before 2021.1.18, and LTS before 2020.3.20, allows attackers to intercept private keys via a man-in-the-middle attack against the connections/partial endpoint (which accepts cleartext).
References
Link | Resource |
---|---|
https://devolutions.net/security/advisories/DEVO-2021-0005 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-07-12T13:04:50
Updated: 2021-07-12T13:04:50
Reserved: 2021-07-12T00:00:00
Link: CVE-2021-36382
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-07-12T14:15:08.400
Modified: 2022-07-12T17:42:04.277
Link: CVE-2021-36382
JSON object: View
Redhat Information
No data.