Information Exposure Vulnerability in Devolutions Server by Devolutions
CVE-2021-23924

7.5HIGH

Key Information:

Vendor: Devolutions
Status: Devolutions Server
Vendor: CVE Published:; 1 April 2021

🔔 Create Devolutions Vulnerability Alert

What is CVE-2021-23924?

A vulnerability exists in Devolutions Server prior to version 2020.3, which exposes sensitive information through diagnostic files. This issue could potentially allow unauthorized access to sensitive data, highlighting the need for users to ensure they are operating on the latest version to safeguard their systems against data leaks.

References

https://devolutions.net/security/advisories/devo-2021-0002

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 1, 2021
Vulnerability Reserved
Jan 12, 2021