Improper access control in the secure messages feature in Devolutions Server 2022.3.12 and below allows an authenticated attacker that possesses the message UUID to access the data it contains.
References
Link | Resource |
---|---|
https://devolutions.net/security/advisories/DEVO-2023-0005 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: DEVOLUTIONS
Published: 2023-03-06T17:15:00.735Z
Updated: 2023-03-10T20:05:13.704141Z
Reserved: 2023-03-06T15:51:14.721Z
Link: CVE-2023-1201
JSON object: View
NVD Information
Status : Modified
Published: 2023-03-10T21:15:14.627
Modified: 2023-11-07T04:02:51.537
Link: CVE-2023-1201
JSON object: View
Redhat Information
No data.
CWE