Portal
Forum
Devolutions Force
Devolutions Hub Business
Devolutions Hub Personal
Devolutions Send
Devolutions Academy
RDM
Workspace
Launcher
Security & Compliance
DEVO-2024-0011
Zusammenfassung
We are writing to inform you that Remote Desktop Manager (RDM) and other Devolutions products are not impacted by the recently disclosed regreSSHion vulnerability (CVE-2024-6387). This vulnerability is specifically present in OpenSSH servers on glibc-based Linux systems.
Please note that some vulnerability scanners may report false positives due to the SSH client version included with RDM. It is important to remember that only the server component is affected by this vulnerability. RDM does not include an SSH server. Nevertheless, we are collaborating with our development team to release a patch that will update the SSH client, thereby reducing the likelihood of false positive reports.
For further details on this vulnerability, please refer to the official vulnerability disclosure: regreSSHion:https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server
Betroffene Produkte
None
Änderungsprotokoll
4/7/2024 - Initial publication
Schweregrad
Information
Produkt
All
Behobene Version
None
