Portal Portal Forum Forum Devolutions Force Devolutions Force Devolutions Hub Business Devolutions Hub Business Devolutions Hub Personal Devolutions Hub Personal Download RDM RDM Workspace Workspace Launcher Launcher

Security & Compliance

Security & Compliance Reporting a Security Issue Advisories

DEVO-2023-0007

Summary

Devolutions Gateway is affected by a vulnerability.

Affected Products

Devolutions Gateway 2023.1.1 and earlier.

Change Log

Initial publication - 2023-03-22

Severity

Medium

Product

Devolutions Gateway

Fix Version

2023.1.2

Uncontrolled resource consumption in the logging feature of Devolutions Gateway

Description

Uncontrolled resource consumption in the logging feature in Devolutions Gateway 2023.1.1 and earlier allows an attacker to cause a denial of service by filling up the disk with specially crafted requests and render the system unusable.

Remediation and Workarounds

Upgrade to Devolutions Gateway 2023.1.2 and higher.

Severity

Medium - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

Affected Products

Devolutions Gateway 2023.1.1 and earlier.

CVE(s)

CVE-2023-1580