CPE Details
Devolutions Server 2024.3.8.0
2024.3.8.0
2025-04-04
16h34 +00:00
16h34 +00:00
2025-04-04
16h34 +00:00
16h34 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
CPE Name: cpe:2.3:a:devolutions:devolutions_server:2024.3.8.0:*:*:*:*:*:*:*
Informations
Vendor
devolutionsProduct
devolutions_serverVersion
2024.3.8.0Related CVE
| CVE ID | Publié | Description | Score | Gravité |
|---|---|---|---|---|
| Improper access control in temporary access requests and checkout requests endpoints in Devolutions Server 2024.3.13 and earlier allows an authenticated user to access information about these requests via a known request ID. | 6.5 |
Moyen |
||
| Exposure of password in web-based SSH authentication component in Devolutions Server 2024.3.13 and earlier allows a user to unadvertently leak his SSH password due to missing password masking. | 7.5 |
Haute |
||
| Incorrect authorization in PAM vaults in Devolutions Server 2024.3.12 and earlier allows an authenticated user to bypass the 'add in root' permission. | 7.1 |
Haute |
||
| Improper password reset in PAM Module in Devolutions Server 2024.3.10.0 and earlier allows an authenticated user to reuse the oracle user password after check-in due to crash in the password reset functionality. | 5.4 |
Moyen |
||
| Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0 and earlier allows users to retain their old permission sets. | 5 |
Moyen |
