CVE-2023-6588

Summary

Offline mode is always enabled, even if permission disallows it, in Devolutions Server data source in Devolutions Workspace 2023.3.2.0 and earlier. This allows an attacker with access to the Workspace application to access credentials when offline.

Affected Software

VendorProductVersion RangeStatus
DevolutionsWorkspace0affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References