How severe is CVE-2025-2003?

CVE-2025-2003 has a CVSS v3 score of 7.1 (HIGH).

CVE-2025-2003

Name: devolutions_server
Author: devolutions

7.1HIGH

Incorrect authorization in PAM vaults in Devolutions Server 2024.3.12 and earlier allows an authenticated user to bypass the 'add in root' permission.

Published: 3/5/2025Updated: 3/28/2025

Description

Incorrect authorization in PAM vaults in Devolutions Server 2024.3.12 and earlier allows an authenticated user to bypass the 'add in root' permission.

AI AnalysisPowered by AI

Affected Products

devolutionsdevolutions_server

References

https://devolutions.net/security/advisories/DEVO-2025-0003/
Vendor Advisory