Security & Compliance
DEVO-2022-0008
Zusammenfassung
Database connections are not closed properly on MySQL data sources after a user is deleted which could allow them to access unauthorized data.
Betroffene Produkte
Remote Desktop Manager 2022.3.7 and earlier.
Änderungsprotokoll
Initial publication - 2022-11-01
Schweregrad
Medium
Produkt
Remote Desktop Manager
Behobene Version
2022.3.8
Database connections for deleted users not closed on MySQL data sources
Beschreibung
Database connections on deleted users could stay active on MySQL data sources in Remote Desktop Manager 2022.3.7 and below which allow deleted users to access unauthorized data.
Behebungen und Workarounds
Upgrade to Remote Desktop Manager 2022.3.8 and later.
Schweregrad
Medium - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Betroffene Produkte
Remote Desktop Manager 2022.3.7 and earlier.
CVE(s)
CVE-2022-3780