DEVO-2022-0007

Affected Products

Remote Desktop Manager 2022.2.14 and earlier

Change Log

Initial publication - 2022-09-12

Severity

High

Product

Remote Desktop Manager

Fix Version

2022.2.15

Summary

It is possible to bypass the application lock in Remote Desktop Manager when Duo SMS two-factor is used.

Application lock bypass with Duo SMS two-factor

Description

It is possible to bypass the application lock in Remote Desktop Manager when Duo SMS two-factor is used.

Remediation and Workarounds

Upgrade to Remote Desktop Manager 2022.2.15 and later.

Severity

High - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

Remote Desktop Manager 2022.2.14 and earlier.

CVE(s)

CVE-2022-3182