PT-2023-17095 · Devolutions · Devolutions Gateway
Published
2023-03-22
·
Updated
2023-04-07
·
CVE-2023-1580
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Devolutions Gateway versions 2023.1.1 and earlier
Description
The issue is related to uncontrolled resource consumption in the logging feature, which can be exploited by an attacker to cause a denial of service. This is achieved by filling up the disk, rendering the system unusable.
Recommendations
For Devolutions Gateway versions 2023.1.1 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Devolutions Gateway