What the vulnerability does
01Description
Devolutions Server before 2021.1.18, and LTS before 2020.3.20, allows attackers to intercept private keys via a man-in-the-middle attack against the connections/partial endpoint (which accepts cleartext).
CVSS base score
CVSS vector
CVSS:3.1/AC:H/AV:A/A:N/C:L/I:N/PR:N/S:U/UI:R
What the vulnerability does
Devolutions Server before 2021.1.18, and LTS before 2020.3.20, allows attackers to intercept private keys via a man-in-the-middle attack against the connections/partial endpoint (which accepts cleartext).
Key dates
External resources