Insufficient access control in support ticket feature in Devolutions Server 2023.1.5.0 and below allows an authenticated attacker to send support tickets and download diagnostic files via specific endpoints.
References
Link | Resource |
---|---|
https://devolutions.net/security/advisories/DEVO-2023-0010 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: DEVOLUTIONS
Published: 2023-04-21T21:52:14.163Z
Updated: 2023-06-12T19:48:35.982Z
Reserved: 2023-04-17T12:42:59.155Z
Link: CVE-2023-2118
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-04-21T22:15:07.307
Modified: 2023-04-29T03:06:26.340
Link: CVE-2023-2118
JSON object: View
Redhat Information
No data.
CWE