CVE-2023-6588

Offline mode is always enabled, even if permission disallows it, in Devolutions Server data source in Devolutions Workspace 2023.3.2.0 and earlier. This allows an attacker with access to the Workspace application to access credentials when offline.

Published: Dec 7, 2023
Updated: Dec 13, 2023
CVE: CVE-2023-6588
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
devolutions / workspace	-	2023.3.2.0.x

https://devolutions.net/security/advisories/DEVO-2023-0022/

Vulnerability Database

CVE-2023-6588