{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-29T06:50:11.938","vulnerabilities":[{"cve":{"id":"CVE-2024-11672","sourceIdentifier":"security@devolutions.net","published":"2024-11-25T15:15:07.180","lastModified":"2025-03-28T16:21:52.263","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Incorrect authorization in the add permission component in Devolutions Remote Desktop Manager 2024.2.21 and earlier on Windows allows an authenticated malicious user to bypass the \"Add\" permission via the import in vault feature."},{"lang":"es","value":"La autorización incorrecta en el componente de agregar permiso en Devolutions Remote Desktop Manager 2024.2.21 y versiones anteriores en Windows permite que un usuario malintencionado autenticado omita el permiso \"Agregar\" a través de la función de importación en bóveda."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"security@devolutions.net","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:free:windows:*:*","versionEndExcluding":"2024.3.10.0","matchCriteriaId":"53809D50-22E9-48E9-99A7-11B4E8FAC8AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:team:windows:*:*","versionEndExcluding":"2024.3.10.0","matchCriteriaId":"34028922-82CE-4A14-9492-DBB4FC8D49EF"}]}]}],"references":[{"url":"https://devolutions.net/security/advisories/DEVO-2024-0016","source":"security@devolutions.net","tags":["Vendor Advisory"]}]}}]}