Описание
Improper input validation in PAM JIT elevation feature in Devolutions Server 2024.1.6 and earlier allows an attacker with access to the PAM JIT elevation feature to forge the displayed group in the PAM JIT elevation checkout request via a specially crafted request.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2024.1.11.0 (исключая)
cpe:2.3:a:devolutions:devolutions_server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 34%
0.00137
Низкий
3.6 Low
CVSS3
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 3.6
github
почти 2 года назад
Improper input validation in PAM JIT elevation feature in Devolutions Server 2024.1.6 and earlier allows an attacker with access to the PAM JIT elevation feature to forge the displayed group in the PAM JIT elevation checkout request via a specially crafted request.
EPSS
Процентиль: 34%
0.00137
Низкий
3.6 Low
CVSS3
Дефекты
NVD-CWE-noinfo