Security Advisory

CVE-2025-12808

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-06 16:36:14

Last updated 2025-11-07 14:06:55

Assigner DEVOLUTIONS

State PUBLISHED

Description

Improper access control in Devolutions allows a View-only user to retrieve sensitive third-level nested fields, such as password lists custom values, resulting in password disclosure. This issue affects the following versions : * Devolutions Server 2025.3.2.0 through 2025.3.5.0 * Devolutions Server 2025.2.15.0 and earlier

← Browse all CVEs View on cve.org ↗