← Zuruck zu CVEs
CVE-2026-3563
MEDIUM5.5
Beschreibung
Improper input validation in the apps and endpoints configuration in PowerShell Universal before 2026.1.4 allows an authenticated user with permissions to create or modify Apps or Endpoints to override existing application or system routes, resulting in unintended request routing and denial of service via a conflicting URL path.
CVE Details
CVSS v3.1 Bewertung5.5
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienHIGH
BenutzerinteraktionNONE
Veroffentlicht3/17/2026
Zuletzt geandert3/19/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
ironmansoftware:powershell_universal
Schwachen (CWE)
CWE-1289
Referenzen
https://devolutions.net/security/advisories/DEVO-2026-0008(security@devolutions.net)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.