Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0 and earlier allows users to retain their old permission sets.
History

Thu, 05 Dec 2024 19:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 5, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 04 Dec 2024 17:30:00 +0000

Type Values Removed Values Added
Description Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0 and earlier allows users to retain their old permission sets.
Weaknesses CWE-732
References

cve-icon MITRE

Status: PUBLISHED

Assigner: DEVOLUTIONS

Published: 2024-12-04T17:17:31.712Z

Updated: 2024-12-05T18:48:20.286Z

Reserved: 2024-12-04T13:39:26.086Z

Link: CVE-2024-12151

cve-icon Vulnrichment

Updated: 2024-12-05T18:48:10.795Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-12-04T18:15:12.850

Modified: 2024-12-05T19:15:07.773

Link: CVE-2024-12151

cve-icon Redhat

No data.