Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and ealier allows an attack with permission to manage PAM propagation scripts to retrieve passwords stored in it via a GET request.
References
Link | Resource |
---|---|
https://devolutions.net/security/advisories/DEVO-2023-0017 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: DEVOLUTIONS
Published: 2023-10-13T12:22:23.816Z
Updated: 2023-10-13T12:22:23.816Z
Reserved: 2023-09-27T18:43:43.331Z
Link: CVE-2023-5240
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-10-13T13:15:12.693
Modified: 2023-10-17T16:11:51.793
Link: CVE-2023-5240
JSON object: View
Redhat Information
No data.
CWE