Sécurité et conformité
Nous respectons les normes les plus élevées pour protéger vos données et garantir la confiance.
DEVO-2025-0004
Remote Desktop Manager and Devolutions Server are affected by vulnerabilities.
Produits affectés
Journal des modifications
2025/03/13 - Initial publication 2025/03/26 - Updated fixed versions due to backporting the security fixes.
6.9 Medium - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Exposure of sensitive information in My Personal Credentials password history component
Produits affectés
CVE(s)
CVE-2025-1636
Mesures correctives et solutions de contournement
Upgrade to Remote Desktop Manager 2024.3.31 or higher
6.8 Medium - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Exposure of sensitive information in hub data source export feature
Produits affectés
CVE(s)
CVE-2025-1635
Mesures correctives et solutions de contournement
Upgrade to Remote Desktop Manager 2024.3.31 or higher
6.8 Medium - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Exposure of password in web-based SSH authentication component
Produits affectés
CVE(s)
CVE-2025-2277
Mesures correctives et solutions de contournement
Upgrade to Devolutions Server 2024.3.14 or higher
2.3 Low - CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Improper access control in temporary access requests and checkout requests endpoints
Produits affectés
CVE(s)
CVE-2025-2278
Mesures correctives et solutions de contournement
Upgrade to Devolutions Server 2024.3.14 or higher
Medium 5.3 - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Improper access control in web extension restriction feature
Produits affectés
CVE(s)
CVE-2025-2280
Mesures correctives et solutions de contournement
Upgrade to Devolutions Server 2024.3.6 or higher