Sécurité et conformité

DEVO-2022-0008

Résumé

Database connections are not closed properly on MySQL data sources after a user is deleted which could allow them to access unauthorized data.

Produits affectés

Remote Desktop Manager 2022.3.7 and earlier.

Journal des modifications

Initial publication - 2022-11-01

Sévérité

Medium

Produit

Remote Desktop Manager

Version corrigée

2022.3.8

Database connections for deleted users not closed on MySQL data sources

Description

Database connections on deleted users could stay active on MySQL data sources in Remote Desktop Manager 2022.3.7 and below which allow deleted users to access unauthorized data.

Mesures correctives et solutions de contournement

Upgrade to Remote Desktop Manager 2022.3.8 and later.

Sévérité

Medium - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Produits affectés

Remote Desktop Manager 2022.3.7 and earlier.

CVE(s)

CVE-2022-3780

Devolutions aide les organisations à contrôler le chaos relié aux TI en offrant des solutions sécurisées de gestion d’accès privilégiés, de connexions à distance et de mots de passe.

DEVOLUTIONS

Légal & vie privée | infos@devolutions.net

Tous droits réservés © 2025 Devolutions