CVE-2023-5358

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Nov 1, 2023

Updated: Nov 9, 2023

Summary

CVE-2023-5358 is a vulnerability affecting Devolutions Server versions 2023.2.10.0 and earlier. This issue involves improper access control in the Report log filters feature. Attackers can exploit this vulnerability by manipulating report request URL query parameters to retrieve logs or access entries they are not authorized for. This poses a significant risk as it allows unauthorized access to sensitive data.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Devolutions Server

Affected Vendors

Devolutions

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s4mFDn
https://www.cve.org/CVERecord?id=CVE-2023-5358
https://nvd.nist.gov/vuln/detail/CVE-2023-5358

Back to Vulnerability Database