Security & Compliance

DEVO-2022-0009

Summary

Dashlane password and Keepass Server password in My Account Settings is stored unencrypted in the database.

Affected Products

Remote Desktop Manager 2022.2.26 and earlier.

Devolutions Server 2022.3.1 and earlier.

Change Log

Initial publication - 2022-11-01

Severity

Medium

Products

Remote Desktop Manager, Devolutions Server

Fix Version

RDM 2022.2.27, DVLS 2022.3.2

Unencrypted sensitive data in the database

Description

Dashlane password and Keepass Server password in My Account Settings is stored unencrypted in the data base.

Remediation and Workarounds

Upgrade to Remote Desktop Manager 2022.2.27 or higher.

Upgrade to Devolutions Server 2022.3.2 or higher.

Severity

Medium - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected Products

Remote Desktop Manager 2022.2.26 and earlier.

Devolutions Server 2022.3.1 and earlier.

CVE(s)

CVE-2022-3781

Helping organizations control the IT chaos by providing highly-secure password, remote connection and privileged access management solutions.

DEVOLUTIONS

Legal & privacy | infos@devolutions.net

All rights reserved © 2025 Devolutions