Sécurité et conformité
DEVO-2022-0009
Résumé
Dashlane password and Keepass Server password in My Account Settings is stored unencrypted in the database.
Produits affectés
Remote Desktop Manager 2022.2.26 and earlier.
Devolutions Server 2022.3.1 and earlier.
Journal des modifications
Initial publication - 2022-11-01
Sévérité
Medium
Produit
Remote Desktop Manager, Devolutions Server
Version corrigée
RDM 2022.2.27, DVLS 2022.3.2
Unencrypted sensitive data in the database
Description
Dashlane password and Keepass Server password in My Account Settings is stored unencrypted in the data base.
Mesures correctives et solutions de contournement
Upgrade to Remote Desktop Manager 2022.2.27 or higher.
Upgrade to Devolutions Server 2022.3.2 or higher.
Sévérité
Medium - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Produits affectés
Remote Desktop Manager 2022.2.26 and earlier.
Devolutions Server 2022.3.1 and earlier.
CVE(s)
CVE-2022-3781