cbcvebase.
CVE-2023-2445
published 2023-05-02

CVE-2023-2445: Improper access control in Subscriptions Folder path filter in Devolutions Server 2023.1.1 and earlier allows attackers with administrator privileges to…

PriorityP425medium4.9CVSS 3.1
AVNACLPRHUINSUCHINAN
EPSS
0.98%
57.8th percentile
Improper access control in Subscriptions Folder path filter in Devolutions Server 2023.1.1 and earlier allows attackers with administrator privileges to retrieve usage information on folders in user vaults via a specific folder name.

Affected

2 ranges
VendorProductVersion rangeFixed in
devolutionsdevolutions_server< 2023.1.3.02023.1.3.0
devolutionsdevolutions_server<= 2023.1.1
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.