Sécurité et conformité

DEVO-2024-0004

Résumé

Remote Desktop Manager is affected by multiple vulnerabilities.

Produits affectés

Remote Desktop Manager Windows 2024.1.12 and earlier

Journal des modifications

2024-03-13 - Initial publication

Sévérité

Medium

Produit

Remote Desktop Manager

Version corrigée

2024.1.15

Terrapin vulnerability in Remote Desktop Manager

Description

Remote Desktop Manager is affected by the Terrapin vulnerability in the following modules :

  • SSH Sessions.
  • Embedded OpenSSH client used for Powershell Remoting.

We have updated our implementations to include the security fixes.

For more information about the Terrapin vulnerability please consult the following :
https://terrapin-attack.com/

Mesures correctives et solutions de contournement

Upgrade to Remote Desktop Manager 2024.1.15 or higher

Sévérité

5.9 Medium - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Produits affectés

Remote Desktop Manager Windows 2024.1.12 and earlier

CVE(s)

CVE-2023-48795

Improper cleanup in temporary file handling component.

Description

Improper cleanup in temporary file handling component in Devolutions Remote Desktop Manager 2024.1.12 and earlier on Windows allows an attacker that compromised a user endpoint, under specific circumstances, to access sensitive information via residual files in the temporary directory.

Mesures correctives et solutions de contournement

Upgrade to Remote Desktop Manager 2024.1.15 or higher

Sévérité

2.3 - Low CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Produits affectés

Remote Desktop Manager Windows 2024.1.12 and earlier

CVE(s)

CVE-2024-2403

Devolutions aide les organisations à contrôler le chaos relié aux TI en offrant des solutions sécurisées de gestion d’accès privilégiés, de connexions à distance et de mots de passe.

DEVOLUTIONS

Légal & vie privée | infos@devolutions.net

Tous droits réservés © 2025 Devolutions