CVE-2023-5358

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Nov 1, 2023
Updated: Nov 9, 2023

Summary

CVE-2023-5358 is a vulnerability affecting Devolutions Server versions 2023.2.10.0 and earlier. This issue involves improper access control in the Report log filters feature. Attackers can exploit this vulnerability by manipulating report request URL query parameters to retrieve logs or access entries they are not authorized for. This poses a significant risk as it allows unauthorized access to sensitive data.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Devolutions Server

Affected Vendors

  • Devolutions