cbcvebase.
CVE-2023-5358
published 2023-11-01

CVE-2023-5358: Improper access control in Report log filters feature in Devolutions Server 2023.2.10.0 and earlier allows attackers to retrieve logs from vaults or entries…

PriorityP428medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
EPSS
0.55%
41.7th percentile
Improper access control in Report log filters feature in Devolutions Server 2023.2.10.0 and earlier allows attackers to retrieve logs from vaults or entries they are not allowed to access via the report request url query parameters.

Affected

2 ranges
VendorProductVersion rangeFixed in
devolutionsdevolutions_server< 2023.3.4.02023.3.4.0
devolutionsdevolutions_server<= 2023.2.10.0
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.