Vulnerability Details CVE-2021-36382
Devolutions Server before 2021.1.18, and LTS before 2020.3.20, allows attackers to intercept private keys via a man-in-the-middle attack against the connections/partial endpoint (which accepts cleartext).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.0%
CVSS Severity
CVSS v3 Score 2.6
CVSS v2 Score 4.3
References
Products affected by CVE-2021-36382
-
cpe:2.3:a:devolutions:devolutions_server:-
-
cpe:2.3:a:devolutions:devolutions_server:2019.1.10.0
-
cpe:2.3:a:devolutions:devolutions_server:2019.1.11.0
-
cpe:2.3:a:devolutions:devolutions_server:2019.1.12.0
-
cpe:2.3:a:devolutions:devolutions_server:2019.1.13.0
-
cpe:2.3:a:devolutions:devolutions_server:2019.1.14.0
-
cpe:2.3:a:devolutions:devolutions_server:2019.1.15.0
-
cpe:2.3:a:devolutions:devolutions_server:2019.1.16.0
-
cpe:2.3:a:devolutions:devolutions_server:2019.1.17.0
-
cpe:2.3:a:devolutions:devolutions_server:2019.1.18.0
-
cpe:2.3:a:devolutions:devolutions_server:2019.1.19.0
-
cpe:2.3:a:devolutions:devolutions_server:2019.1.20.0
-
cpe:2.3:a:devolutions:devolutions_server:2019.1.8.0
-
cpe:2.3:a:devolutions:devolutions_server:2019.1.9.0
-
cpe:2.3:a:devolutions:devolutions_server:2019.2.12.0
-
cpe:2.3:a:devolutions:devolutions_server:2020.1.10.0
-
cpe:2.3:a:devolutions:devolutions_server:2020.1.12.0
-
cpe:2.3:a:devolutions:devolutions_server:2020.1.13.0
-
cpe:2.3:a:devolutions:devolutions_server:2020.1.3.0
-
cpe:2.3:a:devolutions:devolutions_server:2020.1.7.0
-
cpe:2.3:a:devolutions:devolutions_server:2020.2.10.0
-
cpe:2.3:a:devolutions:devolutions_server:2020.2.7.0
-
cpe:2.3:a:devolutions:devolutions_server:2020.2.8.0
-
cpe:2.3:a:devolutions:devolutions_server:2020.2.9.0
-
cpe:2.3:a:devolutions:devolutions_server:2020.3
-
cpe:2.3:a:devolutions:devolutions_server:2020.3.11.0
-
cpe:2.3:a:devolutions:devolutions_server:2020.3.12.0
-
cpe:2.3:a:devolutions:devolutions_server:2020.3.14.0
-
cpe:2.3:a:devolutions:devolutions_server:2020.3.17.0
-
cpe:2.3:a:devolutions:devolutions_server:2020.3.18
-
cpe:2.3:a:devolutions:devolutions_server:2020.3.20
-
cpe:2.3:a:devolutions:devolutions_server:2020.3.21
-
cpe:2.3:a:devolutions:devolutions_server:2020.3.8.0
-
cpe:2.3:a:devolutions:devolutions_server:2021.1
-
cpe:2.3:a:devolutions:devolutions_server:2021.1.17
-
cpe:2.3:a:devolutions:devolutions_server:2021.1.7.0