5
CVE-2024-12151
- EPSS 0.13%
- Veröffentlicht 04.12.2024 18:15:12
- Zuletzt bearbeitet 28.03.2025 16:22:18
- Quelle security@devolutions.net
- CVE-Watchlists
- Unerledigt
LoginIncorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0 and earlier allows users to retain their old permission sets.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Devolutions ≫ Devolutions Server Version < 2024.3.9.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.335 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5 | 1.6 | 3.4 |
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
|
CWE-732 Incorrect Permission Assignment for Critical Resource
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.