Security & Compliance

DEVO-2021-0006

Summary

An incomplete permission check allows users to perform operations on entries without the required permissions when using the batch "Custom Powershell" action.

Affected Products

Remote Desktop Manager 2021.2.14 and earlier

Change Log

2021-10-14 - Initial Publication

Severity

High

Products

Remote Desktop Manager

Fix Version

2021.2.16

Permissions bypass with batch Custom Powershell

Description

Users could perform operations on entries without the required permissions when using the batch "Custom Powershell" action.

Remediation and Workarounds

Update to Remote Desktop Manager 2021.2.16 or higher

Severity

High - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Affected Products

Remote Desktop Manager 2021.2.14 and earlier

CVE(s)

CVE-2021-42098

Helping organizations control the IT chaos by providing highly-secure password, remote connection and privileged access management solutions.

DEVOLUTIONS

Legal & privacy | infos@devolutions.net

All rights reserved © 2025 Devolutions