exploitDog

GHSA-7vhq-gphw-vgj2

Опубликовано: 04 дек. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 8.1

Описание

Incorrect permission assignment in temporary access requests component in Devolutions Remote Desktop Manager 2024.3.19.0 and earlier on Windows allows an authenticated user that request temporary permissions on an entry to obtain more privileges than requested.

Incorrect permission assignment in temporary access requests component in Devolutions Remote Desktop Manager 2024.3.19.0 and earlier on Windows allows an authenticated user that request temporary permissions on an entry to obtain more privileges than requested.

Ссылки

EPSS

Процентиль: 46%

0.0023

Низкий

8.1 High

CVSS3

CVE ID

Дефекты

CWE-732

Связанные уязвимости

CVE-2024-12149

CVSS3: 8.1

nvd

около 1 года назад

Incorrect permission assignment in temporary access requests component in Devolutions Remote Desktop Manager 2024.3.19.0 and earlier on Windows allows an authenticated user that request temporary permissions on an entry to obtain more privileges than requested.

EPSS

Процентиль: 46%

0.0023

Низкий

8.1 High

CVSS3

CVE ID

Дефекты

CWE-732