Insufficient access control in support ticket feature in Devolutions Server 2023.1.5.0 and below allows an authenticated attacker to send support tickets and download diagnostic files via specific endpoints.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://devolutions.net/security/advisories/DEVO-2023-0010 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: DEVOLUTIONS
Published: 2023-04-21T21:52:14.163Z
Updated: 2024-08-02T06:12:20.420Z
Reserved: 2023-04-17T12:42:59.155Z
Link: CVE-2023-2118
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-04-21T22:15:07.307
Modified: 2024-11-21T07:57:58.273
Link: CVE-2023-2118
Redhat
No data.