CVE-2024-12151
CVSS 3.1 Score 5 of 10 (medium)
Details
Published Dec 4, 2024
Updated: Dec 5, 2024
CWE ID 732
Summary
CVE-2024-12151 is a vulnerability affecting Devolutions Server versions 2024.3.8.0 and earlier. The issue lies in the user migration feature, where incorrect permission assignments enable users to maintain their old access levels despite the migration process. This vulnerability could potentially allow unauthorized access or privilege escalation within the affected system. It is crucial for administrators to update their Devolutions Server installations to a patched version to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Devolutions Server
- Server
Affected Vendors
- Devolutions