Devolutions: >> Devolutions Server >> 2024.3.10.0 Security Vulnerabilities
Improper access control in temporary access requests and checkout requests endpoints in Devolutions Server 2024.3.13 and earlier allows an authenticated user to access information about these requests via a known request ID.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-03-13
Incorrect authorization in PAM vaults in Devolutions Server 2024.3.12 and earlier allows an authenticated user to bypass the 'add in root' permission.
CVSS Score
7.1
EPSS Score
0.001
Published
2025-03-05
Improper password reset in PAM Module in Devolutions Server 2024.3.10.0 and earlier allows an authenticated user to reuse the oracle user password after check-in due to crash in the password reset functionality.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-02-11
Page 2