Offline mode is always enabled, even if permission disallows it, in
Devolutions Server data source in Devolutions Workspace 2023.3.2.0 and
earlier. This allows an attacker with access to the Workspace
application to access credentials when offline.
References
Link | Resource |
---|---|
https://devolutions.net/security/advisories/DEVO-2023-0022/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: DEVOLUTIONS
Published: 2023-12-07T15:59:19.821Z
Updated: 2023-12-07T15:59:19.821Z
Reserved: 2023-12-07T15:41:50.627Z
Link: CVE-2023-6588
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-12-07T16:15:07.727
Modified: 2023-12-12T18:50:19.453
Link: CVE-2023-6588
JSON object: View
Redhat Information
No data.
CWE