Security & Compliance

DEVO-2022-0008

Affected Products

Remote Desktop Manager 2022.3.7 and earlier.

Change Log

Initial publication - 2022-11-01

Severity

Medium

Product

Remote Desktop Manager

Fix Version

2022.3.8

Summary

Database connections are not closed properly on MySQL data sources after a user is deleted which could allow them to access unauthorized data.

Database connections for deleted users not closed on MySQL data sources

Description

Database connections on deleted users could stay active on MySQL data sources in Remote Desktop Manager 2022.3.7 and below which allow deleted users to access unauthorized data.

Remediation and Workarounds

Upgrade to Remote Desktop Manager 2022.3.8 and later.

Severity

Medium - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Affected Products

Remote Desktop Manager 2022.3.7 and earlier.

CVE(s)

CVE-2022-3780

Devolutions Logo
English français Deutsch
Kontaktieren Sie uns

Unterstützt Unternehmen das IT-Chaos durch Bereitstellung sicherer Lösungen für Passwort-, Remoteverbindung- und privilegierter Zugriffsverwaltung zu meistern.

DEVOLUTIONS 1000 Notre-Dame, Lavaltrie, QC J5T 1M1, Canada
Sicherheit, Recht & Datenschutz infos@devolutions.net
Alle Rechte vorbehalten © 2023 Devolutions