Security & Compliance
DEVO-2025-0002
Zusammenfassung
Devolutions Server is affected by a vulnerability
Betroffene Produkte
Devolutions Server 2024.3.10.0 and earlier
Änderungsprotokoll
11/02/2025 - Initial publication
Schweregrad
Low
Produkt
Devolutions Server
Behobene Version
2024.3.11.0
Improper password reset in PAM Module - Oracle users
Beschreibung
Improper password reset in PAM Module in Devolutions Server 2024.3.10.0 and earlier allows an authenticated user to reuse the oracle user password after check-in due to crash in the password reset functionality
Behebungen und Workarounds
Upgrade to Devolutions Server 2024.3.11.0 or higher
Schweregrad
2.3 Low - CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
Betroffene Produkte
Devolutions Server 2024.3.10.0 and earlier
CVE(s)
CVE-2025-1231