CVE-2021-42098

EUVD-2021-29084
An incomplete permission check on entries in Devolutions Remote Desktop Manager before 2021.2.16 allows attackers to bypass permissions via batch custom PowerShell.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 23%
Affected Products (NVD)
VendorProductVersion
devolutionsremote_desktop_manager
𝑥
< 2021.2.16
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://devolutions.net
https://devolutions.net/security/advisories/DEVO-2021-0006
https://devolutions.net
https://devolutions.net/security/advisories/DEVO-2021-0006