Improper Access Control in Devolutions DVLS Affects Sensitive Data Security
CVE-2024-10971

Currently unrated

Key Information:

Vendor: Devolutions
Status: Dvls (devolutions Server)
Vendor: CVE Published:; 12 November 2024

🔔 Create Devolutions Vulnerability Alert

What is CVE-2024-10971?

An improper access control vulnerability exists in the Password History feature of Devolutions DVLS versions up to 2024.3.6. It allows an authenticated attacker to exploit permission flaws, potentially leading to the unauthorized retrieval of sensitive user data. This security issue underscores the importance of stringent access policies and regular audits to prevent data breaches and ensure the integrity of user information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

DVLS (Devolutions Server) Windows 0 <= 2024.3.6

References

https://devolutions.net/security/advisories/DEVO-2024-0015/

Timeline

Vulnerability published
Nov 12, 2024

JSON

Devolutions

What is CVE-2024-10971?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.