How severe is CVE-2023-2257?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.1 out of 10.

What type of vulnerability is CVE-2023-2257?

This is classified as CWE-863, which is a common weakness in software security.

CVE-2023-2257

MEDIUM Year: 2023

CVSS v3 Score

6.1

Medium

Weakness Type

CWE-863

View all →

Vulnerability Description

Authentication Bypass in Hub Business integration in Devolutions Workspace Desktop 2023.1.1.3 and earlier on Windows and macOS allows an attacker with access to the user interface to unlock a Hub Business space without being prompted to enter the password via an unimplemented "Force Login" security feature. This vulnerability occurs only if "Force Login" feature is enabled on the Hub Business instance and that an attacker has access to a locked Workspace desktop application configured with a Hub Business space.

CVE-2019-11724

MEDIUM

CVSS:6.1(Medium)

Application permissions give additional remote troubleshooting permission to the site input.mozilla.org, which has been retired and now redirects to another site. This additional permission is unneces...

CWE-8632019

CVE-2021-20290

MEDIUM

CVSS:6.1(Medium)

An improper authorization handling flaw was found in Foreman. The OpenSCAP plugin for the smart-proxy allows foreman clients to execute actions that should be limited to the Foreman Server. This flaw ...

CWE-8632021

CVE-2021-3457

MEDIUM

CVSS:6.1(Medium)

An improper authorization handling flaw was found in Foreman. The Shellhooks plugin for the smart-proxy allows Foreman clients to execute actions that should be limited to the Foreman Server. This fla...

CWE-8632021

CVE-2022-1132

MEDIUM

CVSS:6.1(Medium)

Inappropriate implementation in Virtual Keyboard in Google Chrome on Chrome OS prior to 100.0.4896.60 allowed a local attacker to bypass navigation restrictions via physical access to the device.

CWE-8632022

CVE-2023-29656

MEDIUM

CVSS:6.1(Medium)

An improper authorization vulnerability in Darktrace mobile app (Android) prior to version 6.0.15 allows disabled and low-privilege users to control "antigena" actions(block/unblock traffic) from the ...

CWE-8632023

CVE-2025-21570

MEDIUM

CVSS:6.1(Medium)

Vulnerability in the Oracle Life Sciences Argus Safety product of Oracle Health Sciences Applications (component: Login). The supported version that is affected is 8.2.3. Easily exploitable vulnerabil...

CWE-8632025

CVE-2023-2257

Vulnerability Description

Related Vulnerabilities

CVE-2019-11724

CVE-2021-20290

CVE-2021-3457

CVE-2022-1132

CVE-2023-29656

CVE-2025-21570