CVE-2024-1764 | Devolutions Server up to 2023.3.14.0 Just-in-Time Elevation Module privileges management (DEVO-2024-0002)

Inserito da Angelo Barbosa | Mar 6, 2024 | CVE

A vulnerability was found in Devolutions Server up to 2023.3.14.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Just-in-Time Elevation Module. The manipulation leads to improper privilege management.

This vulnerability is known as CVE-2024-1764. Access to the local network is required for this attack. There is no exploit available.

CVE-2024-1764 | Devolutions Server up to 2023.3.14.0 Just-in-Time Elevation Module privileges management (DEVO-2024-0002)

Post correlati

CVE-2024-3826 | Akana SSO improper authentication

CVE-2021-4439 | Linux Kernel up to 5.14.14 isdn kcapi.c cmtp_add_connection array index

CVE-2024-30637 | Tenda F1202 1.2.0.20(408) /goform/WriteFacMac formWriteFacMac mac command injection

CVE-2023-5123 | Grafana grafana-json-datasource prior 1.3.11 path traversal