CVE-2025-2278

Description

Improper access control in temporary access requests and checkout requests endpoints in Devolutions Server 2024.3.13 and earlier allows an authenticated user to access information about these requests via a known request ID.

References

https://devolutions.net/security/advisories/DEVO-2025-0004/

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3