{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-6264","assignerOrgId":"bfee16bd-18e6-446c-9a65-f5b2e3d89c23","state":"PUBLISHED","assignerShortName":"DEVOLUTIONS","dateReserved":"2023-11-22T18:34:42.184Z","datePublished":"2023-11-22T18:39:21.629Z","dateUpdated":"2024-08-02T08:28:20.199Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","modules":["Devolutions Gateway","Content-Security-Policy"],"product":"Server","vendor":"Devolutions","versions":[{"lessThanOrEqual":"2023.3.7","status":"affected","version":"0","versionType":"custom"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<div>Information leak in Content-Security-Policy header in Devolutions Server 2023.3.7.0 allows an unauthenticated attacker to list the configured Devolutions Gateways endpoints.<br></div>"}],"value":"Information leak in Content-Security-Policy header in Devolutions Server 2023.3.7.0 allows an unauthenticated attacker to list the configured Devolutions Gateways endpoints.\n\n\n"}],"providerMetadata":{"orgId":"bfee16bd-18e6-446c-9a65-f5b2e3d89c23","shortName":"DEVOLUTIONS","dateUpdated":"2023-11-22T18:39:21.629Z"},"references":[{"url":"https://devolutions.net/security/advisories/DEVO-2023-0020/"}],"source":{"discovery":"UNKNOWN"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T08:28:20.199Z"},"title":"CVE Program Container","references":[{"url":"https://devolutions.net/security/advisories/DEVO-2023-0020/","tags":["x_transferred"]}]}]}}