Avis de sécurité

Sécurité et conformité

Nous respectons les normes les plus élevées pour protéger vos données et garantir la confiance.

Avis Signaler un problème de sécurité Centre de confiance

Retour à la liste

DEVO-2023-0015

Remote Desktop Manager Windows is affected by multiple security vulnerabilities.

Produits affectés

Remote Desktop Manager

Windows

Journal des modifications

Initial Publication - 2023-08-21

Medium - 3.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Unauthorized Connection Exploit via Remote Tools in Remote Desktop Manager

Inadequate validation of permissions when employing remote tools and macros within Devolutions Remote Desktop Manager versions 2023.2.19 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature.

Produits affectés

CVE(s)

CVE-2023-4373

Mesures correctives et solutions de contournement

Upgrade to Remote Desktop Manager Windows 2023.2.22 and higher.

Medium - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N 5.7

Incorrect vault used for the duplicate entry feature.

Improper access controls in the entry duplication component in Devolutions Remote Desktop Manager 2023.2.19 and earlier versions on Windows allows an authenticated user, under specific circumstances, to inadvertently share their personal vault entry with shared vaults via an incorrect vault in the duplication write process.

Produits affectés

CVE(s)

CVE-2023-4417

Mesures correctives et solutions de contournement

Upgrade to Remote Desktop Manager Windows 2023.2.22 and higher.