Security & Compliance
DEVO-2024-0014
Zusammenfassung
Remote Desktop Manager Windows is affected by a vulnerability.
Betroffene Produkte
Remote Desktop Manager 2024.2.20 and earlier
Änderungsprotokoll
25/09/2024 - Initial publication
Schweregrad
Medium
Produkt
Remote Desktop Manager Windows
Behobene Version
2024.3.10
Information exposure in windows Logs via WinSCP session
Beschreibung
An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows allows local attackers with access to system logs to obtain session credentials via passwords included in command-line arguments when launching WinSCP sessions
Behebungen und Workarounds
Upgrade to Remote Desktop Manager 2024.3.10 or higher
Schweregrad
Medium - CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Betroffene Produkte
Remote Desktop Manager 2024.2.20 and earlier
CVE(s)
CVE-2024-7421