Security & Compliance

DEVO-2023-0006

Zusammenfassung

Remote Desktop Manager MSSQL data source is affected by a vulnerability.

Betroffene Produkte

Remote Desktop Manager 2023.1.9 and below

Änderungsprotokoll

Initial publication - 2023-03-22

Schweregrad

Low

Produkt

Remote Desktop Manager

Behobene Version

2023.1.10

Password disclosure in the error dialog of the user creation feature of MSSQL.

Beschreibung

Information disclosure in the user creation feature of a MSSQL data source in Devolutions Remote Desktop Manager 2023.1.9 and below on Windows allows an attacker with access to the user interface to obtain sensitive information via the error message dialog that displays the password in clear text.

Behebungen und Workarounds

Upgrade to Remote Desktop Manager 2023.1.10 and higher.

Schweregrad

Low - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

Betroffene Produkte

Remote Desktop Manager 2023.1.9 and below.

CVE(s)

CVE-2023-1574

Wir helfen Unternehmen dabei, das IT-Chaos zu meistern, indem wir Lösungen für Passwortverwaltung, Remoteverbindungen und privilegierte Zugriffsverwaltung bereitstellen.

DEVOLUTIONS

Sicherheit & Datenschutz | infos@devolutions.net

Alle Rechte vorbehalten © 2025 Devolutions