Description
Information leak in Content-Security-Policy header in Devolutions Server 2023.3.7.0 allows an unauthenticated attacker to list the configured Devolutions Gateways endpoints.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2023-58509 | Information leak in Content-Security-Policy header in Devolutions Server 2023.3.7.0 allows an unauthenticated attacker to list the configured Devolutions Gateways endpoints. |
References
| Link | Providers |
|---|---|
| https://devolutions.net/security/advisories/DEVO-2023-0020/ |
|
History
No history.
Status: PUBLISHED
Assigner: DEVOLUTIONS
Published:
Updated: 2024-08-02T08:28:20.199Z
Reserved: 2023-11-22T18:34:42.184Z
Link: CVE-2023-6264
No data.
Status : Modified
Published: 2023-11-22T19:15:09.803
Modified: 2026-06-17T06:50:25.133
Link: CVE-2023-6264
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
EUVD