3 matches found
CVE-2024-2918
CVE-2024-2918 affects Devolutions Server 2024.1.6 and earlier, via improper input validation in the PAM JIT elevation feature. The issue allows an attacker with access to PAM JIT elevation to forge the displayed group in the PAM JIT elevation checkout request through a specially crafted request. ...
CVE-2026-9249
This CVE concerns Devolutions Server where a crafted password-change request allows an attacker to change a user’s password without providing the current one. Affected versions include Devolutions Server 2026.1.6.0–2026.1.16.0 and 2025.3.20.0 and earlier; no root-cause or fix details are provided...
CVE-2025-13758
CVE-2025-13758 is tied to Devolutions Server and describes exposure of credentials in unintended requests. The connected Nessus entry (DEVO-2025-0018) confirms this issue alongside related CVEs and states affected versions include Devolutions Server up to 2025.2.20 and up to 2025.3.8, respectivel...