CVE-2024-4846
June 25, 2024, 6:50 p.m.
Tags
Product(s) Impacted
Devolutions Server
- 2024.1.14.0
- before 2024.1.14.0
Description
Authentication bypass in the 2FA feature in Devolutions Server 2024.1.14.0 and earlier allows an authenticated attacker to authenticate to another user without being asked for the 2FA via another browser tab.
Weaknesses
Date
Published: June 25, 2024, 1:15 p.m.
Last Modified: June 25, 2024, 6:50 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
security@devolutions.net
References
https://devolutions.net/
security@devolutions.net