Security & Compliance

DEVO-2021-0006

Affected Products

Remote Desktop Manager 2021.2.14 and earlier

Change Log

2021-10-14 - Initial Publication

Severity

High

Product

Remote Desktop Manager

Fix Version

2021.2.16

Summary

An incomplete permission check allows users to perform operations on entries without the required permissions when using the batch "Custom Powershell" action.

Permissions bypass with batch Custom Powershell

Description

Users could perform operations on entries without the required permissions when using the batch "Custom Powershell" action.

Remediation and Workarounds

Update to Remote Desktop Manager 2021.2.16 or higher

Severity

High - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Affected Products

Remote Desktop Manager 2021.2.14 and earlier

CVE(s)

CVE-2021-42098

Devolutions Logo
English français Deutsch
Contact Us

Helping organizations control the IT chaos by providing highly-secure password, remote connection and privileged access management solutions.

DEVOLUTIONS 1000 Notre-Dame, Lavaltrie, QC J5T 1M1, Canada
Legal & Privacy infos@devolutions.net
All rights reserved © 2022 Devolutions