How severe is CVE-2025-2003?

CVE-2025-2003 has a CVSS v3 score of 7.1 (HIGH).

CVE-2025-2003

Name: devolutions_server
Author: devolutions

7.1HIGH

Incorrect authorization in PAM vaults in Devolutions Server 2024.3.12 and earlier allows an authenticated user to bypass the 'add in root' permission.

Publicado: 3/5/2025Actualizado: 3/28/2025

Descripción

Incorrect authorization in PAM vaults in Devolutions Server 2024.3.12 and earlier allows an authenticated user to bypass the 'add in root' permission.

Análisis IAImpulsado por IA

Productos Afectados

devolutionsdevolutions_server

Referencias

https://devolutions.net/security/advisories/DEVO-2025-0003/
Vendor Advisory