CVE-2024-12151

Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0 and earlier allows users to retain their old permission sets...

CVE-2024-12148

Incorrect authorization in permission validation component in Devolutions Server 2024.3.6.0 and earlier allows an authenticated user to access some reporting endpoints...

CVE-2024-12148

Incorrect authorization in permission validation component in Devolutions Server 2024.3.6.0 and earlier allows an authenticated user to access some reporting endpoints...

CVE-2024-12151

Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0 and earlier allows users to retain their old permission sets...

CVE-2024-12148

CVE-2024-12148 affects Devolutions Server 2024.3.6.0 and earlier. The root cause is incorrect authorization in the permission validation component, allowing an authenticated user to access some reporting endpoints. Impact is limited to unauthorized access to reporting data as described in multipl...

CVE-2024-12148

Incorrect authorization in permission validation component in Devolutions Server 2024.3.6.0 and earlier allows an authenticated user to access some reporting endpoints...

CVE-2024-12148

Incorrect authorization in permission validation component in Devolutions Server 2024.3.6.0 and earlier allows an authenticated user to access some reporting endpoints...

CVE-2024-12151

Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0 and earlier allows users to retain their old permission sets...

CVE-2024-12151

CVE-2024-12151 affects Devolutions Server (versions 2024.3.8.0 and earlier) due to an incorrect permission assignment in the User Migration feature, allowing users to retain their old permission sets. The vulnerable component is the User Migration feature; root cause: incorrect permission handlin...

CVE-2024-12151

Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0 and earlier allows users to retain their old permission sets...

CVE-2024-12196

CVE-2024-12196 affects Devolutions Server 2024.3.7.0 and earlier due to incorrect authorization in the permissions component, allowing an authenticated user to view the password history of an entry without the view password permission. Documents identify the affected software and the underlying c...

CVE-2024-12196

Incorrect authorization in the permission component in Devolutions Server 2024.3.7.0 and earlier allows an authenticated user to view the password history of an entry without the view password permission...

CVE-2024-12196

Incorrect authorization in the permission component in Devolutions Server 2024.3.7.0 and earlier allows an authenticated user to view the password history of an entry without the view password permission...

Devolutions Server 安全漏洞

Devolutions Server is an application from Devolutions Canada Inc. which provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2024.3.6.0 and prior versions, which stems from incorrect authorization of the Privilege...

Devolutions Server 产品安全漏洞

Devolutions Server is an application from Devolutions Canada Inc. which provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2024.3.8.0 and prior versions, which stems from an incorrect assignment of privileges in...

PT-2024-17459 · Devolutions · Devolutions Server

Name of the Vulnerable Software and Affected Versions: Devolutions Server versions 2024.3.8.0 and earlier Description: The issue is related to incorrect permission assignment in the user migration feature, allowing users to retain their old permission sets. This affects the security of the system...

Devolutions Server 安全漏洞

Devolutions Server is an application from Devolutions Canada Inc. which provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2024.3.7.0 and prior versions, which stems from incorrect authorization of the permission...

PT-2024-17483 · Devolutions · Devolutions Server

Name of the Vulnerable Software and Affected Versions: Devolutions Server versions 2024.3.7.0 and earlier Description: The issue is related to incorrect authorization in the permission component, allowing an authenticated user to view the password history of an entry without having the necessary...

CVE-2024-6512

Authorization bypass in the PAM access request approval mechanism in Devolutions Server 2024.2.10 and earlier allows authenticated users with permissions to approve their own requests, bypassing intended security restrictions, via the PAM access request approval mechanism...

CVE-2024-6512

Authorization bypass in the PAM access request approval mechanism in Devolutions Server 2024.2.10 and earlier allows authenticated users with permissions to approve their own requests, bypassing intended security restrictions, via the PAM access request approval mechanism...