Security & Compliance

DEVO-2023-0001

Summary

Remote Desktop Manager is affected by a low severity vulnerability.

Affected Products

Remote Desktop Manager 2022.3.29 to 2022.3.30.

Change Log

Initial publication - 2023-01-24

Severity

Low

Product

Remote Desktop Manager

Fix Version

2022.3.31

Offline mode MFA bypass

Description

The force offline MFA prompt setting is not respected when switching to offline mode in Devolutions Remote Desktop Manager 2022.3.29 to 2022.3.30 allows a user to save sensitive data on disk.

Remediation and Workarounds

Upgrade to Remote Desktop Manager 2022.3.31 and later.

Severity

Low - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected Products

Remote Desktop Manager 2022.3.29 to 2022.3.30.

CVE(s)

CVE-2023-0463