CVE-2024-11670

Description

Incorrect authorization in the permission validation component of Devolutions Remote Desktop Manager 2024.2.21 and earlier on Windows allows a malicious authenticated user to bypass the "View Password" permission via specific actions.

References

https://devolutions.net/security/advisories/DEVO-2024-0015

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3