4 matches found
CVE-2025-5382
Improper access control in users MFA feature in Devolutions Server 2025.1.7.0 and earlier allows a user with user management permission to remove or change administrators MFA...
CVE-2025-5382
creationtimestamp| type| source ---|---|--- 2025-06-05 13:49:39+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lquhl6pjdci2...
CVE-2025-5382
Improper access control in users MFA feature in Devolutions Server 2025.1.7.0 and earlier allows a user with user management permission to remove or change administrators MFA...
CVE-2025-5382
CVE-2025-5382 concerns Devolutions Server (versions ≤ 2025.1.7.0) where improper access control in the user MFA feature lets a user with the user-management permission remove or change administrators’ MFA settings. The vulnerability affects the MFA configuration component and is triggered by insu...