Описание
No access control for the OTP key
on OTP entries
in Devolutions Remote Desktop Manager Windows 2022.3.33.0 and prior versions and Remote Desktop Manager Linux 2022.3.2.0 and prior versions allows non admin users to see OTP keys via the user interface.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2022.3.2.0 (включая)Версия до 2022.3.33.0 (включая)
Одно из
cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:*:linux:*:*
cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:*:windows:*:*
EPSS
Процентиль: 42%
0.00201
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-732
CWE-732
Связанные уязвимости
CVSS3: 4.3
github
больше 2 лет назад
No access control for the OTP key on OTP entries in Devolutions Remote Desktop Manager Windows 2022.3.33.0 and prior versions and Remote Desktop Manager Linux 2022.3.2.0 and prior versions allows non admin users to see OTP keys via the user interface.
EPSS
Процентиль: 42%
0.00201
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-732
CWE-732