Devolutions Server 2024.3.17.0

CPE Details

Devolutions Server 2024.3.17.0
devolutions
devolutions_server
2024.3.17.0
2025-06-17
16h52 +00:00
2025-06-17
16h52 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:devolutions:devolutions_server:2024.3.17.0:*:*:*:*:*:*:*

Informations

Vendor

devolutions

Product

devolutions_server

Version

2024.3.17.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2025-5382 2025-06-05 13h37 +00:00 Improper access control in users MFA feature in Devolutions Server 2025.1.7.0 and earlier allows a user with user management permission to remove or change administrators MFA.
6.8
Medium
CVE-2025-3768 2025-06-05 13h36 +00:00 Improper access control in Tor network blocking feature in Devolutions Server 2025.1.10.0 and earlier allows an authenticated user to bypass the tor blocking feature when the Devolutions hosted endpoint is not reachable.
5
Medium
CVE-2025-4433 2025-05-30 12h16 +00:00 Improper access control in user group management in Devolutions Server 2025.1.7.0 and earlier allows a non-administrative user with both "User Management" and "User Group Management" permissions to perform privilege escalation by adding users to groups with administrative privileges.
8.8
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.