CVE-2024-2921

The CVE concerns Devolutions Server (version family up to 2024.1.10.0) with an improper access control flaw in PAM vault permissions. An authenticated user who can access the PAM may reach unauthorized PAM entries due to the misconfigured permissions. Documents consistently describe the affected ...

CVE-2024-2921

Improper access control in PAM vault permissions in Devolutions Server 2024.1.10.0 and earlier allows an authenticated user with access to the PAM to access unauthorized PAM entries via a specific set of permissions...

CVE-2024-2921

Improper access control in PAM vault permissions in Devolutions Server 2024.1.10.0 and earlier allows an authenticated user with access to the PAM to access unauthorized PAM entries via a specific set of permissions...

CVE-2024-2915

Improper access control in PAM JIT elevation in Devolutions Server 2024.1.6 and earlier allows an attacker with access to the PAM JIT elevation feature to elevate themselves to unauthorized groups via a specially crafted request...

CVE-2024-2915

CVE-2024-2915 affects Devolutions Server up to version 2024.1.6, where a flaw in the PAM JIT elevation feature permits an attacker with PAM JIT access to elevate to unauthorized groups via a specially crafted request. The issue is categorized as improper access control; CVSS v3.1 base score 8.8 (...

CVE-2024-2915

Improper access control in PAM JIT elevation in Devolutions Server 2024.1.6 and earlier allows an attacker with access to the PAM JIT elevation feature to elevate themselves to unauthorized groups via a specially crafted request...

Devolutions Server 安全漏洞

Devolutions Server is an application from Devolutions Canada. provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2024.1.6 and prior versions that stems from improper access control...

Devolutions Server 安全漏洞

Devolutions Server is an application from Devolutions Canada. provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2024.1.6 and prior versions that stems from improper access control...

CVE-2024-2403

Improper cleanup in temporary file handling component in Devolutions Remote Desktop Manager 2024.1.12 and earlier on Windows allows an attacker that compromised a user endpoint, under specific circumstances, to access sensitive information via residual files in the temporary directory...

CVE-2024-2403

Improper cleanup in temporary file handling component in Devolutions Remote Desktop Manager 2024.1.12 and earlier on Windows allows an attacker that compromised a user endpoint, under specific circumstances, to access sensitive information via residual files in the temporary directory...

CVE-2024-2403

Improper cleanup in temporary file handling component in Devolutions Remote Desktop Manager 2024.1.12 and earlier on Windows allows an attacker that compromised a user endpoint, under specific circumstances, to access sensitive information via residual files in the temporary directory...

CVE-2024-2403

CVE-2024-2403 affects Devolutions Remote Desktop Manager prior to 2024.1.12 on Windows. The root cause is improper cleanup in the temporary file handling component, which may allow an attacker who has already compromised a user endpoint to access sensitive information via residual files in the te...

Devolutions Remote Desktop Manager Security Vulnerability

Devolutions Remote Desktop Manager is an application from Devolutions Canada. It provides remote desktop management functionality. A security vulnerability exists in Devolutions Remote Desktop Manager version 2024.1.12 and earlier, which stems from a sensitive information disclosure vulnerability...

PT-2024-20247 · Devolutions · Devolutions Remote Desktop Manager

Name of the Vulnerable Software and Affected Versions: Devolutions Remote Desktop Manager versions 2024.1.12 and earlier Description: The issue is related to improper cleanup in the temporary file handling component, which allows an attacker that has compromised a user endpoint to access sensitiv...

CVE-2024-2241

Improper access control in the user interface in Devolutions Workspace 2024.1.0 and earlier allows an authenticated user to perform unintended actions via specific permissions...

Improper access control

Improper access control in the user interface in Devolutions Workspace 2024.1.0 and earlier allows an authenticated user to perform unintended actions via specific permissions...

CVE-2024-2241

Improper access control in the user interface in Devolutions Workspace 2024.1.0 and earlier allows an authenticated user to perform unintended actions via specific permissions...

CVE-2024-2241

Improper access control in the user interface in Devolutions Workspace 2024.1.0 and earlier allows an authenticated user to perform unintended actions via specific permissions...

CVE-2024-2241

CVE-2024-2241 affects Devolutions Workspace (versions up to and including 2024.1.0). The vulnerability is due to improper access control in the user interface, allowing an authenticated user to perform unintended actions through specific permissions. The Red Hat/NVD entries corroborate the same d...

PT-2024-19400 · Devolutions · Devolutions Workspace

Name of the Vulnerable Software and Affected Versions: Devolutions Workspace versions 2024.1.0 and earlier Description: The issue is related to improper access control in the user interface, allowing an authenticated user to perform unintended actions via specific permissions. Recommendations: Fo...