Vulnerabilities > Devolutions > Low

DATE CVE VULNERABILITY TITLE RISK
2023-06-20 CVE-2023-2400 Incomplete Cleanup vulnerability in Devolutions Server
Improper deletion of resource in the user management feature in Devolutions Server 2023.1.8 and earlier allows an administrator to view users vaults of deleted users via database access.
network
low complexity
devolutions CWE-459
2.7
2023-01-26 CVE-2023-0463 Unspecified vulnerability in Devolutions Remote Desktop Manager 2022.3.29/2022.3.30
The force offline MFA prompt setting is not respected when switching to offline mode in Devolutions Remote Desktop Manager 2022.3.29 to 2022.3.30 allows a user to save sensitive data on disk.
local
low complexity
devolutions
3.3
2021-07-12 CVE-2021-36382 Insufficiently Protected Credentials vulnerability in Devolutions Server
Devolutions Server before 2021.1.18, and LTS before 2020.3.20, allows attackers to intercept private keys via a man-in-the-middle attack against the connections/partial endpoint (which accepts cleartext).
network
high complexity
devolutions CWE-522
3.7