Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-3545

Опубликовано: 09 апр. 2024
Источник: nvd
CVSS3: 4.3
EPSS Низкий

Описание

Improper permission handling in the vault offline cache feature in Devolutions Remote Desktop Manager 2024.1.20 and earlier on windows and Devolutions Server 2024.1.8 and earlier allows an attacker to access sensitive informations contained in the offline cache file by gaining access to a computer where the software is installed even though the offline mode is disabled.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:devolutions:devolutions_server:*:*:*:*:*:*:*:*
Версия до 2024.1.9.0 (исключая)
cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:free:windows:*:*
Версия до 2024.1.21.0 (исключая)
cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:team:windows:*:*
Версия до 2024.1.21.0 (исключая)

EPSS

Процентиль: 36%
0.00151
Низкий

4.3 Medium

CVSS3

Дефекты

CWE-281

Связанные уязвимости

github логотип

GHSA-mxcm-w7fm-9qr2

CVSS3: 4.3
github
почти 2 года назад

Improper permission handling in the vault offline cache feature in Devolutions Remote Desktop Manager 2024.1.20 and earlier on windows and Devolutions Server 2024.1.8 and earlier allows an attacker to access sensitive informations contained in the offline cache file by gaining access to a computer where the software is installed even though the offline mode is disabled.

EPSS

Процентиль: 36%
0.00151
Низкий

4.3 Medium

CVSS3

Дефекты

CWE-281