Security & Compliance

DEVO-2022-0002

Zusammenfassung

A vulnerability can reduce the strength of some passwords when exporting data in Remote Desktop Manager.

Betroffene Produkte

Remote Desktop Manager 2021.2 and earlier

Änderungsprotokoll

Initial Publication - 2022-03-09

Schweregrad

High

Produkt

Remote Destkop Manager

Behobene Version

2022.1

Weak password derivation on vault export

Beschreibung

When exporting data out of Remote Desktop Manager, a password can be used to encrypt the file. For passwords that were also valid Base64, Remote Desktop Manager erroneously decoded them prior to password derivation which reduces the effective length of the password.

Behebungen und Workarounds

Update to Remote Desktop Manager 2022.1 or higher.

Schweregrad

High - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Betroffene Produkte

Remote Desktop Manager

CVE(s)

CVE-2022-26964

Wir helfen Unternehmen dabei, das IT-Chaos zu meistern, indem wir Lösungen für Passwortverwaltung, Remoteverbindungen und privilegierte Zugriffsverwaltung bereitstellen.

DEVOLUTIONS

Sicherheit & Datenschutz | infos@devolutions.net

Alle Rechte vorbehalten © 2025 Devolutions