CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-11670

Incorrect authorization in the permission validation component of Devolutions Remote Desktop Manager 2024.2.21 and earlier on Windows allows a malicious authenticated user to bypass the "View Password" permission via specific actions.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 28.4%

CVSS Severity

CVSS v3 Score 5.4

References

https://devolutions.net/security/advisories/DEVO-2024-0015

Products affected by CVE-2024-11670

Devolutions » Remote Desktop Manager » Version: 2024.1.15.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.1.15.0
Devolutions » Remote Desktop Manager » Version: 2024.1.17.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.1.17.0
Devolutions » Remote Desktop Manager » Version: 2024.1.18.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.1.18.0
Devolutions » Remote Desktop Manager » Version: 2024.1.19.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.1.19.0
Devolutions » Remote Desktop Manager » Version: 2024.1.20.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.1.20.0
Devolutions » Remote Desktop Manager » Version: 2024.1.21.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.1.21.0
Devolutions » Remote Desktop Manager » Version: 2024.1.23.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.1.23.0
Devolutions » Remote Desktop Manager » Version: 2024.1.25.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.1.25.0
Devolutions » Remote Desktop Manager » Version: 2024.1.27.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.1.27.0
Devolutions » Remote Desktop Manager » Version: 2024.1.28.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.1.28.0
Devolutions » Remote Desktop Manager » Version: 2024.1.29.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.1.29.0
Devolutions » Remote Desktop Manager » Version: 2024.1.30.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.1.30.0
Devolutions » Remote Desktop Manager » Version: 2024.1.31.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.1.31.0
Devolutions » Remote Desktop Manager » Version: 2024.1.32.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.1.32.0
Devolutions » Remote Desktop Manager » Version: 2024.2.10.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.2.10.0
Devolutions » Remote Desktop Manager » Version: 2024.2.11.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.2.11.0
Devolutions » Remote Desktop Manager » Version: 2024.2.12.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.2.12.0
Devolutions » Remote Desktop Manager » Version: 2024.2.13.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.2.13.0
Devolutions » Remote Desktop Manager » Version: 2024.2.14.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.2.14.0
Devolutions » Remote Desktop Manager » Version: 2024.2.15.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.2.15.0
Devolutions » Remote Desktop Manager » Version: 2024.2.16.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.2.16.0
Devolutions » Remote Desktop Manager » Version: 2024.2.17.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.2.17.0
Devolutions » Remote Desktop Manager » Version: 2024.2.18.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.2.18.0
Devolutions » Remote Desktop Manager » Version: 2024.2.19.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.2.19.0
Devolutions » Remote Desktop Manager » Version: 2024.2.20.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.2.20.0
Devolutions » Remote Desktop Manager » Version: 2024.2.21.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.2.21.0
Devolutions » Remote Desktop Manager » Version: 2024.2.8.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.2.8.0
Devolutions » Remote Desktop Manager » Version: 2024.3.10.0

cpe:2.3:a:devolutions:remote_desktop_manager:2024.3.10.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-11670

Products

Pricing

Contact Us