CVE-2025-4316 Information

Description

Improper access control in PAM feature in Devolutions Server 2025.1.6.0 and earlier allows a PAM user to self approve their PAM requests even if disallowed by the configured policy via specific user interface actions.

Reference

https://devolutions.net/security/advisories/DEVO-2025-0007/