Vulnerabilities > CVE-2023-2400 - Incomplete Cleanup vulnerability in Devolutions Server

047910
CVSS 2.7 - LOW
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
HIGH
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
low complexity
devolutions
CWE-459

Summary

Improper deletion of resource in the user management feature in Devolutions Server 2023.1.8 and earlier allows an administrator to view users vaults of deleted users via database access.

Vulnerable Configurations

Part Description Count
Application
Devolutions
59

Common Weakness Enumeration (CWE)