Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-6512

Authorization bypass in the PAM access request approval mechanism in Devolutions Server 2024.2.10 and earlier allows authenticated users with permissions to approve their own requests, bypassing intended security restrictions, via the PAM access request approval mechanism.

Published

2024-09-25T14:15:05.560

Last Modified

2025-03-14T16:15:38.500

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-863
Type: Primary
CWE-863

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	devolutions	devolutions_server	< 2024.3.0	Yes

References

https://devolutions.net/security/advisories/DEVO-2024-0013 Vendor Advisory ([email protected])