AI Score
Confidence
Low
SSVC
Exploitation
none
Automatable
yes
Technical Impact
partial
Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and ealier allows an attack with permission to manage PAM propagation scripts to retrieve passwords stored in it via a GET request.
devolutions.net/security/advisories/DEVO-2023-0017