CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-1203
https://notcve.org/view.php?id=CVE-2023-1203
Improper removal of sensitive data in the entry edit feature of Hub Business submodule in Devolutions Remote Desktop Manager PowerShell Module 2022.3.1.5 and earlier allows an authenticated user to access sensitive data on entries that were edited using the affected submodule. • https://devolutions.net/security/advisories/DEVO-2023-0004 •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-0952
https://notcve.org/view.php?id=CVE-2023-0952
Improper access controls on entries in Devolutions Server 2022.3.12 and earlier could allow an authenticated user to access sensitive data without proper authorization. • https://devolutions.net/security/advisories/DEVO-2023-0003 • CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-0951
https://notcve.org/view.php?id=CVE-2023-0951
Improper access controls on some API endpoints in Devolutions Server 2022.3.12 and earlier could allow a standard privileged user to perform privileged actions. • https://devolutions.net/security/advisories/DEVO-2023-0003 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-0953
https://notcve.org/view.php?id=CVE-2023-0953
Insufficient input sanitization in the documentation feature of Devolutions Server 2022.3.12 and earlier allows an authenticated attacker to perform an SQL Injection, potentially resulting in unauthorized access to system resources. • https://devolutions.net/security/advisories/DEVO-2023-0003 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-0661
https://notcve.org/view.php?id=CVE-2023-0661
Improper access control in Devolutions Server allows an authenticated user to access unauthorized sensitive data. • https://devolutions.net/security/advisories/DEVO-2023-0002 •