exploitDog

CVE-2023-4373

Опубликовано: 21 авг. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Inadequate validation of permissions when employing remote tools and macros within Devolutions Remote Desktop Manager versions 2023.2.19 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature.

Ссылки

https://devolutions.net/security/advisories/DEVO-2023-0015/
Vendor Advisory
https://devolutions.net/security/advisories/DEVO-2023-0015/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:*:*:*:*

Версия до 2023.2.19 (включая)

EPSS

Процентиль: 37%

0.00159

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-287

CWE-287

Связанные уязвимости

GHSA-g573-g24h-r48v

CVSS3: 9.8

github

больше 2 лет назад

Inadequate validation of permissions when employing remote tools and macros within Devolutions Remote Desktop Manager versions 2023.2.19 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature.

EPSS

Процентиль: 37%

0.00159

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-287

CWE-287