Products
Devolutions Server
- 2024.1.14.0
- before 2024.1.14.0
Source
security@devolutions.net
Tags
CVE-2024-4846 details
Published : June 25, 2024, 1:15 p.m.
Last Modified : June 25, 2024, 6:50 p.m.
Last Modified : June 25, 2024, 6:50 p.m.
Description
Authentication bypass in the 2FA feature in Devolutions Server 2024.1.14.0 and earlier allows an authenticated attacker to authenticate to another user without being asked for the 2FA via another browser tab.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
References
URL | Source |
---|---|
https://devolutions.net/security/advisories/DEVO-2024-0009 | security@devolutions.net |
This website uses the NVD API, but is not approved or certified by it.