Sécurité et conformité

DEVO-2024-0011

Résumé

We are writing to inform you that Remote Desktop Manager (RDM) and other Devolutions products are not impacted by the recently disclosed regreSSHion vulnerability (CVE-2024-6387). This vulnerability is specifically present in OpenSSH servers on glibc-based Linux systems.

Please note that some vulnerability scanners may report false positives due to the SSH client version included with RDM. It is important to remember that only the server component is affected by this vulnerability. RDM does not include an SSH server. Nevertheless, we are collaborating with our development team to release a patch that will update the SSH client, thereby reducing the likelihood of false positive reports.

For further details on this vulnerability, please refer to the official vulnerability disclosure: regreSSHion:https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server

Produits affectés

None

Journal des modifications

4/7/2024 - Initial publication

Sévérité

Information

Produit

All

Version corrigée

None

regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server

Devolutions aide les organisations à contrôler le chaos relié aux TI en offrant des solutions sécurisées de gestion d’accès privilégiés, de connexions à distance et de mots de passe.

DEVOLUTIONS

Légal & vie privée | infos@devolutions.net

Tous droits réservés © 2025 Devolutions