Server 2026.2.5, 2026.1.21 allows an authenticated user to retrieve
account discovery scan results.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Devolutions | Devolutions Server | unaffected |
|
No data.
No data.
OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.
| Vendors | Products |
|---|---|
|
Devolutions
Subscribe
|
Devolutions Server
Subscribe
|
No advisories yet.
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
| Link | Providers |
|---|---|
| https://devolutions.net/security/advisories/DEVO-2026-0017/ |
|
Tue, 16 Jun 2026 21:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Devolutions
Devolutions devolutions Server |
|
| Vendors & Products |
Devolutions
Devolutions devolutions Server |
Tue, 16 Jun 2026 19:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper access control in PAM account discovery results in Devolutions Server 2026.2.5, 2026.1.21 allows an authenticated user to retrieve account discovery scan results. | |
| Weaknesses | CWE-882 | |
| References |
|
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: DEVOLUTIONS
Published:
Updated: 2026-06-16T18:24:00.306Z
Reserved: 2026-06-10T15:08:21.510Z
Link: CVE-2026-11890
Vulnrichment
No data.
NVD
Status : Awaiting Analysis
Published: 2026-06-16T20:16:27.227
Modified: 2026-06-16T20:41:35.520
Link: CVE-2026-11890
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-06-16T20:45:02Z