How severe is CVE-2025-4493?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2025-4493?

This is classified as CWE-266, which is a common weakness in software security.

CVE-2025-4493

MEDIUM Year: 2025

CVSS v3 Score

6.5

Medium

Weakness Type

CWE-266

View all →

Vulnerability Description

Improper privilege assignment in PAM JIT privilege sets in Devolutions Server allows a PAM user to perform PAM JIT requests on unauthorized groups by exploiting a user interface issue. This issue affects the following versions : * Devolutions Server 2025.1.3.0 through 2025.1.7.0 * Devolutions Server 2024.3.15.0 and earlier

CVE-2020-26182

MEDIUM

CVSS:6.5(Medium)

Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment vulnerability. A non-LDAP remote user with low privileges may exploit this vulnerability to perform 'saveset' re...

CWE-2662020

CVE-2021-1412

MEDIUM

CVSS:6.5(Medium)

Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to imp...

CWE-2662021

CVE-2021-40123

MEDIUM

CVSS:6.5(Medium)

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative read-only privileges to download files t...

CWE-2662021

CVE-2022-1225

MEDIUM

CVSS:6.5(Medium)

Incorrect Privilege Assignment in GitHub repository phpipam/phpipam prior to 1.4.6.

CWE-2662022

CVE-2022-20782

MEDIUM

CVSS:6.5(Medium)

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. Thi...

CWE-2662022