CVE-2021-42098

High

An incomplete permission check on entries in Devolutions Remote Desktop Manager before 2021.2.16 allows attackers to bypass permissions via…

DEVOLUTIONS·CWE-276·Published 2021-10-18

CVSS

8.8

EPSS

0.02

KEV

Exploits

cve.orgen

164 chars

An incomplete permission check on entries in Devolutions Remote Desktop Manager before 2021.2.16 allows attackers to bypass permissions via batch custom PowerShell.

NVDen

164 chars

An incomplete permission check on entries in Devolutions Remote Desktop Manager before 2021.2.16 allows attackers to bypass permissions via batch custom PowerShell.

Una comprobación de permisos incompleta en las entradas de Devolutions Remote Desktop Manager versiones anteriores a 2021.2.16, permite a atacantes omitir los permisos por medio de PowerShell personalizado por lotes

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.5	8.0	6.4	AV:N/AC:L/Au:S/C:P/I:P/A:P
3.1	Primary	NVD	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H