1219 matches found
PT-2025-23929 · Devolutions · Devolutions Server
Name of the Vulnerable Software and Affected Versions: Devolutions Server versions 2025.1.10.0 and earlier Description: The issue is related to improper access control in the permissions component, allowing an authenticated user to bypass the "Edit permission" permission. This is achieved by...
CVE-2025-4433
Improper access control in user group management in Devolutions Server 2025.1.7.0 and earlier allows a non-administrative user with both "User Management" and "User Group Management" permissions to perform privilege escalation by adding users to groups with administrative privileges...
CVE-2025-5334
Exposure of private personal information to an unauthorized actor in the user vaults component of Devolutions Remote Desktop Manager allows an authenticated user to gain unauthorized access to private personal information. Under specific circumstances, entries may be unintentionally moved from us...
CVE-2025-4433
Improper access control in user group management in Devolutions Server 2025.1.7.0 and earlier allows a non-administrative user with both "User Management" and "User Group Management" permissions to perform privilege escalation by adding users to groups with administrative privileges...
CVE-2025-4433
Improper access control in user group management in Devolutions Server 2025.1.7.0 and earlier allows a non-administrative user with both "User Management" and "User Group Management" permissions to perform privilege escalation by adding users to groups with administrative privileges...
CVE-2025-4493
Improper privilege assignment in PAM JIT privilege sets in Devolutions Server allows a PAM user to perform PAM JIT requests on unauthorized groups by exploiting a user interface issue. This issue affects the following versions : Devolutions Server 2025.1.3.0 through 2025.1.7.0 Devolutions Server...
CVE-2025-4433
Improper access control in user group management in Devolutions Server 2025.1.7.0 and earlier allows a non-administrative user with both "User Management" and "User Group Management" permissions to perform privilege escalation by adding users to groups with administrative privileges...
CVE-2025-4433
Improper access control in user group management in Devolutions Server 2025.1.7.0 and earlier allows a non-administrative user with both "User Management" and "User Group Management" permissions to perform privilege escalation by adding users to groups with administrative privileges...
CVE-2025-4433
CVE-2025-4433 affects Devolutions Server (versions 2025.1.7.0 and earlier). The vulnerability arises from improper access control in User Group Management, enabling a non-administrative user who has both User Management and User Group Management permissions to escalate privileges by adding users ...
Devolutions Server 访问控制错误漏洞
Devolutions Server is an application from Devolutions Canada Inc. which provides a full-featured shared account and password management solution. An Access Control Error vulnerability exists in Devolutions Server version 2025.1.7.0 and prior versions, which stems from improper access control for...
PT-2025-23282 · Devolutions · Devolutions Server
Name of the Vulnerable Software and Affected Versions: Devolutions Server versions 2025.1.7.0 and earlier Description: The issue is related to improper access control in user group management, allowing a non-administrative user with both User Management and User Group Management permissions to...
Devolutions Server <= 2024.3.15.0 / 2025.1.3.0 <= 2025.1.7.0 Improper Privilege Assignment (DEVO-2025-0008)
The version of Devolutions Server installed on the remote host is prior or equal to 2024.3.15.0 or 2025.1.3.0 through 2025.1.7.0 and is, therefore, affected by an improper privilege assignment vulnerability: - Improper privilege assignment in PAM JIT privilege sets in Devolutions Server allows a...
Devolutions Remote Desktop Manager 安全漏洞
Devolutions Remote Desktop Manager is an application from Devolutions Canada Inc. It provides remote desktop management functionality. A security vulnerability exists in Devolutions Remote Desktop Manager version 2025.1.34.0 and prior versions, which stems from improper access control in the user...
CVE-2025-4493
Improper privilege assignment in PAM JIT privilege sets in Devolutions Server allows a PAM user to perform PAM JIT requests on unauthorized groups by exploiting a user interface issue. This issue affects the following versions : Devolutions Server 2025.1.3.0 through 2025.1.7.0 Devolutions Server...
CVE-2025-4493
Improper privilege assignment in PAM JIT privilege sets in Devolutions Server allows a PAM user to perform PAM JIT requests on unauthorized groups by exploiting a user interface issue. This issue affects the following versions : Devolutions Server 2025.1.3.0 through 2025.1.7.0 Devolutions Server...
CVE-2025-4493
Improper privilege assignment in PAM JIT privilege sets in Devolutions Server allows a PAM user to perform PAM JIT requests on unauthorized groups by exploiting a user interface issue. This issue affects the following versions : Devolutions Server 2025.1.3.0 through 2025.1.7.0 Devolutions Server...
CVE-2025-4493
Improper privilege assignment in PAM JIT privilege sets in Devolutions Server allows a PAM user to perform PAM JIT requests on unauthorized groups by exploiting a user interface issue. This issue affects the following versions : Devolutions Server 2025.1.3.0 through 2025.1.7.0 Devolutions Server...
CVE-2025-4493
The CVE-2025-4493 entry concerns Devolutions Server, where an improper privilege assignment in PAM JIT privilege sets can let a PAM user perform PAM JIT requests on unauthorized groups due to a user interface issue. Impacted versions include 2025.1.3.0–2025.1.7.0 and 2024.3.15.0 and earlier. The ...
PT-2025-23082 · Devolutions · Devolutions Server
Name of the Vulnerable Software and Affected Versions: Devolutions Server versions 2024.3.15.0 and earlier Devolutions Server versions 2025.1.3.0 through 2025.1.7.0 Description: The issue is related to improper privilege assignment in PAM JIT privilege sets, allowing a PAM user to perform PAM JIT...
Devolutions Server 安全漏洞
Devolutions Server is an application from Devolutions Canada Inc. It provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server versions 2025.1.7.0 and earlier and 2024.3.15.0 and earlier, which stems from an improper assignment...