Security & Compliance
DEVO-2024-0010
Zusammenfassung
Remote Desktop Manager is affected by a vulnerability
Betroffene Produkte
Remote Desktop Manager 2024.2.11 and earlier
Änderungsprotokoll
26/06/2024 - Initial publication
Schweregrad
Low
Produkt
Remote Desktop Manager Windows
Behobene Version
2024.2.12
Improper access control in PAM dashboard
Beschreibung
Improper access control in PAM dashboard in Devolutions Remote Desktop Manager 2024.2.11 and earlier on Windows allows an authenticated user to bypass the execute permission via the use of the PAM dashboard.
Please be advised that the execute permission is a client-side setting. As such, it does not expose any credentials beyond those the user already has access to. Consequently, this is classified as a low-severity issue.
Behebungen und Workarounds
Upgrade to Remote Desktop Manager 2024.2.12 or higher
Schweregrad
2.3 Low - CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Betroffene Produkte
Remote Desktop Manager 2024.2.11 and earlier
CVE(s)
CVE-2024-6354