Vulnerability Details CVE-2023-6588
Offline mode is always enabled, even if permission disallows it, in
Devolutions Server data source in Devolutions Workspace 2023.3.2.0 and
earlier. This allows an attacker with access to the Workspace
application to access credentials when offline.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.8%
CVSS Severity
CVSS v3 Score 6.5
References
Products affected by CVE-2023-6588
-
cpe:2.3:a:devolutions:workspace:2022.3.0.11
-
cpe:2.3:a:devolutions:workspace:2022.3.1.0
-
cpe:2.3:a:devolutions:workspace:2022.3.2.4
-
cpe:2.3:a:devolutions:workspace:2022.4.0.6
-
cpe:2.3:a:devolutions:workspace:2022.4.1.4
-
cpe:2.3:a:devolutions:workspace:2023.1.0.4
-
cpe:2.3:a:devolutions:workspace:2023.1.0.5
-
cpe:2.3:a:devolutions:workspace:2023.1.1.4
-
cpe:2.3:a:devolutions:workspace:2023.1.2.8
-
cpe:2.3:a:devolutions:workspace:2023.1.2.9
-
cpe:2.3:a:devolutions:workspace:2023.1.3.1
-
cpe:2.3:a:devolutions:workspace:2023.1.3.2
-
cpe:2.3:a:devolutions:workspace:2023.1.4.0
-
cpe:2.3:a:devolutions:workspace:2023.2.0.0
-
cpe:2.3:a:devolutions:workspace:2023.2.1.0
-
cpe:2.3:a:devolutions:workspace:2023.2.2.0
-
cpe:2.3:a:devolutions:workspace:2023.2.3.0
-
cpe:2.3:a:devolutions:workspace:2023.2.4.0
-
cpe:2.3:a:devolutions:workspace:2023.2.5.0
-
cpe:2.3:a:devolutions:workspace:2023.2.6.0
-
cpe:2.3:a:devolutions:workspace:2023.3.0.0
-
cpe:2.3:a:devolutions:workspace:2023.3.1.0
-
cpe:2.3:a:devolutions:workspace:2023.3.2.0