Security & Compliance
DEVO-2022-0002
Zusammenfassung
A vulnerability can reduce the strength of some passwords when exporting data in Remote Desktop Manager.
Betroffene Produkte
Remote Desktop Manager 2021.2 and earlier
Änderungsprotokoll
Initial Publication - 2022-03-09
Schweregrad
High
Produkt
Remote Destkop Manager
Behobene Version
2022.1
Weak password derivation on vault export
Beschreibung
When exporting data out of Remote Desktop Manager, a password can be used to encrypt the file. For passwords that were also valid Base64, Remote Desktop Manager erroneously decoded them prior to password derivation which reduces the effective length of the password.
Behebungen und Workarounds
Update to Remote Desktop Manager 2022.1 or higher.
Schweregrad
High - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Betroffene Produkte
Remote Desktop Manager
CVE(s)
CVE-2022-26964