CVE-2024-12151

CVSS 3.1 Score 5 of 10 (medium)

Details

Published Dec 4, 2024
Updated: Dec 5, 2024
CWE ID 732

Summary

CVE-2024-12151 is a vulnerability affecting Devolutions Server versions 2024.3.8.0 and earlier. The issue lies in the user migration feature, where incorrect permission assignments enable users to maintain their old access levels despite the migration process. This vulnerability could potentially allow unauthorized access or privilege escalation within the affected system. It is crucial for administrators to update their Devolutions Server installations to a patched version to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Devolutions Server
  • Server

Affected Vendors

  • Devolutions