Sécurité et conformité
DEVO-2024-0014
Résumé
Remote Desktop Manager Windows is affected by a vulnerability.
Produits affectés
Remote Desktop Manager 2024.2.20 and earlier
Journal des modifications
25/09/2024 - Initial publication
Sévérité
Medium
Produit
Remote Desktop Manager Windows
Version corrigée
2024.3.10
Information exposure in windows Logs via WinSCP session
Description
An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows allows local attackers with access to system logs to obtain session credentials via passwords included in command-line arguments when launching WinSCP sessions
Mesures correctives et solutions de contournement
Upgrade to Remote Desktop Manager 2024.3.10 or higher
Sévérité
Medium - CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Produits affectés
Remote Desktop Manager 2024.2.20 and earlier
CVE(s)
CVE-2024-7421