Portail 
Forum 
Devolutions Force 
Hub Business 
Hub Personal 
Devolutions Send 
Devolutions Academy 
RDM 
Workspace 
Launcher 
Sécurité et conformité
Nous respectons les normes les plus élevées pour protéger vos données et garantir la confiance.
DEVO-2023-0019
Remote Desktop Manager Windows and Devolutions Server are affected by security vulnerabilities.
Produits affectés
Journal des modifications
2023-11-01 - Initial Publication 2023-11-09 - Updated Devolutions Server fixed version due to new LTS release. 2023-11-10 - Updated Remote Desktop Manager fixed version due to backported fix to 2023.2.34
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 8.8 High
Remote code execution in Remote Desktop Manager
A remote code execution vulnerability in Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to remotely execute code from another windows user session on the same host via a specially crafted TCP packet.
Produits affectés
CVE(s)
CVE-2023-5766
Mesures correctives et solutions de contournement
Upgrade to Remote Desktop Manager Windows 2023.2.34 or higher.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 4.3 Medium
Improper access control in Password Analyser feature
Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to bypass permissions via data source switching.
Produits affectés
CVE(s)
CVE-2023-5765
Mesures correctives et solutions de contournement
Upgrade to Remote Desktop Manager Windows 2023.2.34 or higher.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 4.3 Medium
Improper access control in Report log filters feature
Improper access control in Report log filters feature in Devolutions Server 2023.2.10.0 and earlier allows attackers to retrieve logs from vaults or entries they are not allowed to access via the report request url query parameters.
Produits affectés
CVE(s)
CVE-2023-5358
Mesures correctives et solutions de contournement
Upgrade to Devolutions Server 2023.2.11.0 or higher
