Portal
Forum
Devolutions Force
Devolutions Hub Business
Devolutions Hub Personal
Devolutions Send
Devolutions Academy
RDM
Workspace
Launcher
Security & Compliance
DEVO-2024-0004
Zusammenfassung
Remote Desktop Manager is affected by multiple vulnerabilities.
Betroffene Produkte
Remote Desktop Manager Windows 2024.1.12 and earlier
Änderungsprotokoll
2024-03-13 - Initial publication
Schweregrad
Medium
Produkt
Remote Desktop Manager
Behobene Version
2024.1.15
Terrapin vulnerability in Remote Desktop Manager
Beschreibung
Remote Desktop Manager is affected by the Terrapin vulnerability in the following modules :
- SSH Sessions.
- Embedded OpenSSH client used for Powershell Remoting.
We have updated our implementations to include the security fixes.
For more information about the Terrapin vulnerability please consult the following :
https://terrapin-attack.com/
Behebungen und Workarounds
Upgrade to Remote Desktop Manager 2024.1.15 or higher
Schweregrad
5.9 Medium - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Betroffene Produkte
Remote Desktop Manager Windows 2024.1.12 and earlier
CVE(s)
CVE-2023-48795
Improper cleanup in temporary file handling component.
Beschreibung
Improper cleanup in temporary file handling component in Devolutions Remote Desktop Manager 2024.1.12 and earlier on Windows allows an attacker that compromised a user endpoint, under specific circumstances, to access sensitive information via residual files in the temporary directory.
Behebungen und Workarounds
Upgrade to Remote Desktop Manager 2024.1.15 or higher
Schweregrad
2.3 - Low CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Betroffene Produkte
Remote Desktop Manager Windows 2024.1.12 and earlier
CVE(s)
CVE-2024-2403
