CNNVD-202507-3792 Information
CNNVD ID
CNNVD-202507-3792
Related CVE
- CNNVD Published: 2025-07-30
Description (Chinese)
Devolutions Server是加拿大Devolutions公司的一个应用系统。提供功能齐全的共享帐户和密码管理解决方案。 Devolutions Server 2025.2.5.0及之前版本存在安全漏洞,该漏洞源于PAM自动签入功能死锁问题,可能导致密码超期后仍有效。
Description (English)
The Defenses Server is an application of the Canadian Defenses Corporation. Provide a fully functional shared account and password management solution. There is a security loophole in the Defenses Server 2025.2.5.0 and earlier versions, which stems from the problem of the PAM auto-signing deadlock, which may result in the password remaining in force after it has expired.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Devolutions
Published
2025-07-30
Last Modified
2026-02-24
References
https://devolutions.net/security/advisories/DEVO-2025-0013/ https://access.redhat.com/security/cve/cve-2025-8312 https://nvd.nist.gov/vuln/detail/CVE-2025-8312
Patch
https://devolutions.net/security/advisories/DEVO-2025-0013/
Share on: