Security & Compliance

DEVO-2022-0004

Affected Products

Remote Desktop Manager 2022.1.6 and earlier

Change Log

Initial Publication - 2022-05-02

Severity

Medium

Product

Remote Desktop Manager

Fix Version

2022.1.8

Summary

Credentials in My Account Settings are accessible to other users when stored in the database.

Credentials stored in My Account Settings are accessible to other users

Description

Credentials stored in My Account Settings are stored in the datasource by default, which make them accessible to other users. An option was added in Remote Desktop Manager to save account settings locally.

Remediation and Workarounds

Starting with Remote Desktop Manager 2022.1.8, an option is available in My Account Settings to set the save location to "Local". Account settings will then be saved locally on the computer.

Severity

Medium - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products

Remote Desktop Manager 2022.1.6 and earlier

CVE(s)

CVE-2022-2221

Devolutions Logo
English français Deutsch
Contact Us

Helping organizations control the IT chaos by providing highly-secure password, remote connection and privileged access management solutions.

DEVOLUTIONS 1000 Notre-Dame, Lavaltrie, QC J5T 1M1, Canada
Legal & Privacy infos@devolutions.net
All rights reserved © 2022 Devolutions