Improper access control in PAM dashboard in Devolutions Remote Desktop Manager 2024.2.11 and earlier on Windows allows an authenticated user to bypass the execute permission via the use of the PAM dashboard.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HDevolutions Remote Desktop Manager
APPDevolutions< 2024.2.12.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Powiązane podatności
CVE-2026-2590CRITICAL9.8PL ✓ten sam produkt
Błędne egzekwowanie zakazu zapisywania haseł w Devolutions Remote Desktop Manager
CVE-2024-6057CRITICAL9.8PL ✓ten sam produkt
Pominięcie hasła master vault w Devolutions Remote Desktop Manager
CVE-2023-6593CRITICAL9.8PL ✓ten sam produkt
Pomijanie uprawnień po stronie klienta w Devolutions Remote Desktop Manager na iOS
CVE-2023-5765CRITICAL9.8ten sam produkt
Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and e...
CVE-2023-5766CRITICAL9.8ten sam produkt
A remote code execution vulnerability in Remote Desktop Manager 2023.2.33 and earlier on Windows allows an a...