Sécurité et conformité
DEVO-2023-0006
Résumé
Remote Desktop Manager MSSQL data source is affected by a vulnerability.
Produits affectés
Remote Desktop Manager 2023.1.9 and below
Journal des modifications
Initial publication - 2023-03-22
Sévérité
Low
Produit
Remote Desktop Manager
Version corrigée
2023.1.10
Password disclosure in the error dialog of the user creation feature of MSSQL.
Description
Information disclosure in the user creation feature of a MSSQL data source in Devolutions Remote Desktop Manager 2023.1.9 and below on Windows allows an attacker with access to the user interface to obtain sensitive information via the error message dialog that displays the password in clear text.
Mesures correctives et solutions de contournement
Upgrade to Remote Desktop Manager 2023.1.10 and higher.
Sévérité
Low - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
Produits affectés
Remote Desktop Manager 2023.1.9 and below.
CVE(s)
CVE-2023-1574