What is CVE-2023-1201?

CVE-2023-1201 is a medium-severity vulnerability in Devolutions Server. CVSS score: 6.5/10. Published 2023-03-10.

How severe is CVE-2023-1201?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Devolutions Server

CVE-2023-1201

Improper access control in the secure messages feature in Devolutions Server 2022.3.12 and below allows an authenticated attacker that possesses the message UUID to access the data it contains.

EPSS: 0.008 (52.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected products

Devolutions Server — versions 0
Devolutions Devolutions_server

References

security@devolutions.net (Vendor Advisory)

Frequently asked questions

What is CVE-2023-1201?: CVE-2023-1201 is a medium-severity vulnerability in Devolutions Server. CVSS score: 6.5/10. Published 2023-03-10.
How severe is CVE-2023-1201?: Medium severity. CVSS v3 base score is 6.5 out of 10.