CVE-2023-5240 Information

Description

Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and ealier allows an attack with permission to manage PAM propagation scripts to retrieve passwords stored in it via a GET request.

Reference

https://devolutions.net/security/advisories/DEVO-2023-0017