CVE-2024-11671

CVE-2024-11671

Vendor Devolutions
Product Remote Desktop Manager
Weakness CWE-287 · Improper authentication
Published November 25, 2024
Last update November 25, 2024

CVSS base score

What the vulnerability does

01Description

Improper authentication in SQL data source MFA validation in Devolutions Remote Desktop Manager 2024.3.17 and earlier on Windows allows an authenticated user to bypass the MFA validation via data source switching.

Key dates

02Disclosure timeline

November 25, 2024 CVE published
November 25, 2024 Record updated