Security & Compliance
DEVO-2022-0004
Zusammenfassung
Credentials in My Account Settings are accessible to other users when stored in the database.
Betroffene Produkte
Remote Desktop Manager 2022.1.6 and earlier
Änderungsprotokoll
Initial Publication - 2022-05-02
Schweregrad
Medium
Produkt
Remote Desktop Manager
Behobene Version
2022.1.8
Credentials stored in My Account Settings are accessible to other users
Beschreibung
Credentials stored in My Account Settings are stored in the datasource by default, which make them accessible to other users. An option was added in Remote Desktop Manager to save account settings locally.
Behebungen und Workarounds
Starting with Remote Desktop Manager 2022.1.8, an option is available in My Account Settings to set the save location to "Local". Account settings will then be saved locally on the computer.
Schweregrad
Medium - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Betroffene Produkte
Remote Desktop Manager 2022.1.6 and earlier
CVE(s)
CVE-2022-2221