CVE-2024-6354

Improper access control in PAM dashboard in Devolutions Remote Desktop Manager 2024.2.11 and earlier on Windows allows an authenticated user to bypass the execute permission via the use of the PAM dashboard.
CVSS

No CVSS.

Configurations

No configuration.

History

21 Nov 2024, 09:49

Type Values Removed Values Added
References () https://devolutions.net/security/advisories/DEVO-2024-0010 - () https://devolutions.net/security/advisories/DEVO-2024-0010 -

03 Jul 2024, 02:09

Type Values Removed Values Added
CWE CWE-1262

27 Jun 2024, 12:47

Type Values Removed Values Added
Summary
  • (es) El control de acceso inadecuado en el panel de PAM en Devolutions Remote Desktop Manager 2024.2.11 y versiones anteriores en Windows permite a un usuario autenticado omitir el permiso de ejecución mediante el uso del panel de PAM.

26 Jun 2024, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-26 17:15

Updated : 2024-11-21 09:49


NVD link : CVE-2024-6354

Mitre link : CVE-2024-6354

CVE.ORG link : CVE-2024-6354


JSON object : View

Products Affected

No product.

CWE
CWE-1262

Register Interface Allows Software Access to Sensitive Data or Security Settings