Improper access control in Report log filters feature in Devolutions Server 2023.2.10.0 and earlier allows attackers to retrieve logs from vaults or entries they are not allowed to access via the report request url query parameters.

Related CVEs

CVE-2023-5358

Key Information

GHSA ID

GHSA-qj84-c93x-hc23

Published

November 1, 2023 6:30 PM

Last Modified

November 9, 2023 6:34 PM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: July 6, 2025 6:30 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.