Security & Compliance
DEVO-2023-0006
Zusammenfassung
Remote Desktop Manager MSSQL data source is affected by a vulnerability.
Betroffene Produkte
Remote Desktop Manager 2023.1.9 and below
Änderungsprotokoll
Initial publication - 2023-03-22
Schweregrad
Low
Produkt
Remote Desktop Manager
Behobene Version
2023.1.10
Password disclosure in the error dialog of the user creation feature of MSSQL.
Beschreibung
Information disclosure in the user creation feature of a MSSQL data source in Devolutions Remote Desktop Manager 2023.1.9 and below on Windows allows an attacker with access to the user interface to obtain sensitive information via the error message dialog that displays the password in clear text.
Behebungen und Workarounds
Upgrade to Remote Desktop Manager 2023.1.10 and higher.
Schweregrad
Low - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
Betroffene Produkte
Remote Desktop Manager 2023.1.9 and below.
CVE(s)
CVE-2023-1574