Описание
Improper access control in PAM JIT elevation in Devolutions Server 2024.1.6 and earlier allows an attacker with access to the PAM JIT elevation feature to elevate themselves to unauthorized groups via a specially crafted request.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2024.1.8.0 (исключая)
cpe:2.3:a:devolutions:devolutions_server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 48%
0.0025
Низкий
8.8 High
CVSS3
Дефекты
CWE-863
Связанные уязвимости
CVSS3: 8.8
github
почти 2 года назад
Improper access control in PAM JIT elevation in Devolutions Server 2024.1.6 and earlier allows an attacker with access to the PAM JIT elevation feature to elevate themselves to unauthorized groups via a specially crafted request.
EPSS
Процентиль: 48%
0.0025
Низкий
8.8 High
CVSS3
Дефекты
CWE-863