Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-2400

Improper deletion of resource in the user management feature in Devolutions Server 2023.1.8 and earlier allows an administrator to view users vaults of deleted users via database access.

Published

2023-06-20T17:15:09.573

Last Modified

2024-12-09T19:15:11.070

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 2.7 (LOW)

Weaknesses

Type: Primary
CWE-459
Type: Secondary
CWE-459

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	devolutions	devolutions_server	< 2023.2.1	Yes

References

https://devolutions.net/security/advisories/DEVO-2023-0014 Vendor Advisory ([email protected])
https://devolutions.net/security/advisories/DEVO-2023-0014 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)