Devolutions Server 2023.3.7.0

CPE Details

Devolutions Server 2023.3.7.0
devolutions
devolutions_server
2023.3.7.0
2023-12-01
09h45 +00:00
2023-12-01
09h45 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:devolutions:devolutions_server:2023.3.7.0:*:*:*:*:*:*:*

Informations

Vendor

devolutions

Product

devolutions_server

Version

2023.3.7.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-6512 2024-09-25 13h55 +00:00 Authorization bypass in the PAM access request approval mechanism in Devolutions Server 2024.2.10 and earlier allows authenticated users with permissions to approve their own requests, bypassing intended security restrictions, via the PAM access request approval mechanism.
6.5
Medium
CVE-2024-1898 2024-03-05 21h35 +00:00 Improper access control in the notification feature in Devolutions Server 2023.3.14.0 and earlier allows a low privileged user to change notifications settings configured by an administrator.
4.3
Medium
CVE-2023-6264 2023-11-22 18h39 +00:00 Information leak in Content-Security-Policy header in Devolutions Server 2023.3.7.0 allows an unauthenticated attacker to list the configured Devolutions Gateways endpoints.
5.3
Medium