Improper access control in PAM vault permissions in Devolutions Server 2024.1.10.0 and earlier allows an authenticated user with access to the PAM to access unauthorized PAM entries via a specific set of permissions.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://devolutions.net/security/advisories/DEVO-2024-0005 |
History
Thu, 07 Nov 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Devolutions
Devolutions devolutions Server |
|
Weaknesses | CWE-306 | |
CPEs | cpe:2.3:a:devolutions:devolutions_server:*:*:*:*:*:*:*:* | |
Vendors & Products |
Devolutions
Devolutions devolutions Server |
|
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: DEVOLUTIONS
Published: 2024-03-26T15:51:24.128Z
Updated: 2024-11-07T15:30:21.748Z
Reserved: 2024-03-26T15:04:26.012Z
Link: CVE-2024-2921
Vulnrichment
Updated: 2024-08-01T19:25:42.199Z
NVD
Status : Awaiting Analysis
Published: 2024-03-26T16:15:14.173
Modified: 2024-11-21T09:10:50.660
Link: CVE-2024-2921
Redhat
No data.