Sécurité et conformité
DEVO-2023-0004
Résumé
The Hub Business submodule of the Remote Desktop Manager PowerShell module is affected by a vulnerability.
Produits affectés
Devolutions Remote Desktop Manager PowerShell Module 2022.3.1.5 and below.
Journal des modifications
Initial publication - 2023-03-06
Sévérité
Medium
Produit
Remote Desktop Manager PowerShell Module
Version corrigée
2022.3.1.6
Improper removal of sensitive data in Hub Business PowerShell submodule
Description
Improper removal of sensitive data in the entry edit feature of Hub Business submodule in Devolutions Remote Desktop Manager PowerShell Module 2022.3.1.5 and earlier allows an authenticated user to access sensitive data on entries that were edited using the affected submodule.
Mesures correctives et solutions de contournement
Upgrade to Remote Desktop Manager PowerShell module 2022.3.1.6 and higher.
Sévérité
Medium - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N 5.3
Produits affectés
Remote Desktop Manager PowerShell module 2022.3.1.5 and below.
CVE(s)
CVE-2023-1203