CVE-2025-2278 Information

Description

Improper access control in temporary access requests and checkout requests endpoints in Devolutions Server 2024.3.13 and earlier allows an authenticated user to access information about these requests via a known request ID.

Reference

https://devolutions.net/security/advisories/DEVO-2025-0004/