CVE-2025-11958
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-22
Last updated on: 2025-11-25
Assigner: Devolutions Inc.
Description
Description
An improper input validation in the Security Dashboard ignored-tasks API of Devolutions Server 2025.2.15.0 and earlier allows an authenticated user to cause a denial of service to the Security Dashboard via a crafted request.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| devolutions | devolutions_server | From 2022.3.1.0 (inc) to 2022.3.10.0 (inc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-20 | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
| CWE-NVD-CWE-noinfo |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an improper input validation issue in the Security Dashboard ignored-tasks API of Devolutions Server version 2025.2.15.0 and earlier. It allows an authenticated user to send a specially crafted request that causes a denial of service to the Security Dashboard.
How can this vulnerability impact me? :
The vulnerability can impact you by allowing an authenticated user to cause a denial of service condition on the Security Dashboard, potentially disrupting monitoring and management functions provided by the dashboard.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70