cvedb.io
CVE-2023-2445
MEDIUM · CVSS 4.9
EPSS exploitation probability: 0%
Published 2023-05-02T14:15:09.207 · Last modified 2026-06-17T05:52:36.260

Summary

Improper access control in Subscriptions Folder path filter in Devolutions Server 2023.1.1 and earlier allows attackers with administrator privileges to retrieve usage information on folders in user vaults via a specific folder name.

Affected products

devolutions — devolutions_server

Does this affect you?

Add your gear to cvedb and we'll alert you only when devolutions ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.