exploitDog

GHSA-jq92-hhc7-45w7

Опубликовано: 05 июн. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.8

Описание

Improper access control in users MFA feature in Devolutions Server 2025.1.7.0 and earlier allows a user with user management permission to remove or change administrators MFA.

Improper access control in users MFA feature in Devolutions Server 2025.1.7.0 and earlier allows a user with user management permission to remove or change administrators MFA.

Ссылки

EPSS

Процентиль: 10%

0.00035

Низкий

6.8 Medium

CVSS3

CVE ID

Дефекты

CWE-284

Связанные уязвимости

CVE-2025-5382

CVSS3: 6.8

nvd

8 месяцев назад

Improper access control in users MFA feature in Devolutions Server 2025.1.7.0 and earlier allows a user with user management permission to remove or change administrators MFA.

EPSS

Процентиль: 10%

0.00035

Низкий

6.8 Medium

CVSS3

CVE ID

Дефекты

CWE-284