Sécurité et conformité
DEVO-2022-0008
Résumé
Database connections are not closed properly on MySQL data sources after a user is deleted which could allow them to access unauthorized data.
Produits affectés
Remote Desktop Manager 2022.3.7 and earlier.
Journal des modifications
Initial publication - 2022-11-01
Sévérité
Medium
Produit
Remote Desktop Manager
Version corrigée
2022.3.8
Database connections for deleted users not closed on MySQL data sources
Description
Database connections on deleted users could stay active on MySQL data sources in Remote Desktop Manager 2022.3.7 and below which allow deleted users to access unauthorized data.
Mesures correctives et solutions de contournement
Upgrade to Remote Desktop Manager 2022.3.8 and later.
Sévérité
Medium - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Produits affectés
Remote Desktop Manager 2022.3.7 and earlier.
CVE(s)
CVE-2022-3780