Devolutions: >> Devolutions Server >> 2025.3.2.0 Security Vulnerabilities
Improper access control in Devolutions allows a View-only userĀ to retrieve sensitive third-level nested fields, such as password lists custom values, resulting in password disclosure.
This issue affects the following versions :
* Devolutions Server 2025.3.2.0 through 2025.3.5.0
*
Devolutions Server 2025.2.15.0 and earlier
CVSS Score
6.5
EPSS Score
0.0
Published
2025-11-06
Improper certificate validation when connecting to gateways in Devolutions Server 2025.3.2 and earlier allows attackersĀ in MitM position to intercept traffic.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-10-15
Page 3