Vulnerability CVE-2023-6588


Published: 2023-12-07   Modified: 2023-12-14

Description:



Offline mode is always enabled, even if permission disallows it, in
Devolutions Server data source in Devolutions Workspace 2023.3.2.0 and
earlier. This allows an attacker with access to the Workspace
application to access credentials when offline.




Type:

CWE-noinfo

Affected software
Devolutions -> Workspace 

 References:
https://devolutions.net/security/advisories/DEVO-2023-0022/

Copyright 2024, cxsecurity.com

 

Back to Top