Portail 
Forum 
Devolutions Force 
Hub Business 
Hub Personal 
Devolutions Send 
Devolutions Academy 
RDM 
Workspace 
Launcher 
Sécurité et conformité
Nous respectons les normes les plus élevées pour protéger vos données et garantir la confiance.
DEVO-2024-0016
Remote Desktop Manager is affected by vulnerabilities.
Produits affectés
Journal des modifications
11/25/2024 - Initial publication
Medium 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Incorrect authorization in the permission validation component of Devolutions Remote Desktop Manager
Incorrect authorization in the permission validation component of Devolutions Remote Desktop Manager 2024.2.21 and earlier on Windows allows a malicious authenticated user to bypass the "View Password" permission via specific actions.
Produits affectés
CVE(s)
CVE-2024-11670
Mesures correctives et solutions de contournement
Upgrade to Remote Desktop Manager 2024.3.10 or higher
Medium 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
Improper authentication in SQL data source MFA validation in Devolutions Remote Desktop Manager
Improper authentication in SQL data source MFA validation in Devolutions Remote Desktop Manager 2024.3.17 and earlier on Windows allows an authenticated user to bypass the MFA validation via data source switching.
Produits affectés
CVE(s)
CVE-2024-11671
Mesures correctives et solutions de contournement
Upgrade to Remote Desktop Manager 2024.3.18 or higher
Medium 5.3 - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Incorrect authorization in the add permission component in Devolutions Remote Desktop Manager
Incorrect authorization in the add permission component in Devolutions Remote Desktop Manager 2024.2.21 and earlier on Windows allows an authenticated malicious user to bypass the "Add" permission via the import in vault feature.
Produits affectés
CVE(s)
CVE-2024-11672
Mesures correctives et solutions de contournement
Upgrade to Remote Desktop Manager 2024.3.10 or higher
