advisories

Sicherheit & Regelkonformität

Wir halten die höchsten Standards ein, um Ihre Daten zu schützen und Vertrauen zu gewährleisten.

Warnungen Ein sicherheitsproblem melden warnungen Trust Center

Back to listing

DEVO-2023-0009

Remote Desktop Manager is affected by multiple security vulnerabilities.

Betroffene Produkte

Remote Desktop Manager

Änderungsprotokoll

Initial Publication - 2023-04-11 Fix wrong affected version - 2023-04-24

Medium - 4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N

Two factor authentication bypass

Two factor authentication bypass on login in Devolutions Remote Desktop Manager 2022.3.35 and earlier allow user to cancel the two factor authentication via the application user interface and open entries.

Betroffene Produkte

CVE(s)

CVE-2023-1980

Behebungen und Workarounds

Upgrade to Remote Desktop Manager to 2023.1.10 and higher

Medium (4.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)

No access control for the OTP key on OTP entries

No access control for the OTP key on OTP entries in Devolutions Remote Desktop Manager Windows 2022.3.33.0 and prior versions and Remote Desktop Manager Linux 2022.3.2.0 and prior versions allows non admin users to see OTP keys via the user interface.

Betroffene Produkte

CVE(s)

CVE-2023-1939

Behebungen und Workarounds

Upgrade to Remote Desktop Manager Windows to 2022.3.34 and higher

Upgrade to Remote Desktop Manager Linux to 2022.3.2.1 and higher