Security & Compliance

DEVO-2023-0006

Summary

Remote Desktop Manager MSSQL data source is affected by a vulnerability.

Affected Products

Remote Desktop Manager 2023.1.9 and below

Change Log

Initial publication - 2023-03-22

Severity

Low

Products

Remote Desktop Manager

Fix Version

2023.1.10

Password disclosure in the error dialog of the user creation feature of MSSQL.

Description

Information disclosure in the user creation feature of a MSSQL data source in Devolutions Remote Desktop Manager 2023.1.9 and below on Windows allows an attacker with access to the user interface to obtain sensitive information via the error message dialog that displays the password in clear text.

Remediation and Workarounds

Upgrade to Remote Desktop Manager 2023.1.10 and higher.

Severity

Low - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

Affected Products

Remote Desktop Manager 2023.1.9 and below.

CVE(s)

CVE-2023-1574

Helping organizations control the IT chaos by providing highly-secure password, remote connection and privileged access management solutions.

DEVOLUTIONS

Legal & privacy | infos@devolutions.net

All rights reserved © 2025 Devolutions