Security & Compliance
DEVO-2025-0003
Zusammenfassung
Devolutions Server is affected by a vulnerability.
Betroffene Produkte
Devolutions Server 2024.3.12 and earlier
Änderungsprotokoll
5/3/2025 - Initial publication
Schweregrad
Medium
Produkt
Devolutions Server
Behobene Version
2024.3.13
Incorrect authorization in PAM vaults
Beschreibung
Incorrect authorization in PAM vaults in Devolutions Server 2024.3.12 and earlier allows an authenticated user to bypass the 'add in root' permission.
Schweregrad
Medium 6.0 - CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
Betroffene Produkte
Devolutions Server 2024.3.12 and earlier
CVE(s)
CVE-2025-2003