CVE-2024-6512 | THREATINT

Description

Authorization bypass in the PAM access request approval mechanism in Devolutions Server 2024.2.10 and earlier allows authenticated users with permissions to approve their own requests, bypassing intended security restrictions, via the PAM access request approval mechanism.

PUBLISHED Reserved 2024-07-04 | Published 2024-09-25 | Updated 2025-03-14 | Assigner DEVOLUTIONS

Problem types

CWE-863: Incorrect Authorization

Product status

Default status

unaffected

Any version

affected

References

devolutions.net/security/advisories/DEVO-2024-0013

cve.org (CVE-2024-6512)

nvd.nist.gov (CVE-2024-6512)

Download JSON