CNNVD-202510-2826 Information

CNNVD ID

CNNVD-202510-2826

Related CVE

CVE-2025-11957

• CNNVD Published: 2025-10-22

Description (Chinese)

Devolutions Server是加拿大Devolutions公司的一个应用系统。提供功能齐全的共享帐户和密码管理解决方案。 Devolutions Server 2025.2.12.0及之前版本存在安全漏洞，该漏洞源于临时访问工作流程授权不当，可能导致未经授权的访问。

Description (English)

The Defenses Server is an application of the Canadian Defenses Corporation. Provide a fully functional shared account and password management solution. There is a security loophole in the Defenses Server 2025.2.12.0 and earlier versions, which stems from the inappropriate authorization of temporary access workflows, which may lead to unauthorized access.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Devolutions

Published

2025-10-22

Last Modified

2026-02-24

References

https://devolutions.net/security/advisories/DEVO-2025-0015/ https://access.redhat.com/security/cve/cve-2025-11957

Patch

https://devolutions.net/security/advisories/DEVO-2025-0015/