Описание
Improper removal of sensitive information in data source export feature in Devolutions Remote Desktop Manager 2024.1.32.0 and earlier on Windows allows an attacker that obtains the exported settings to recover powershell credentials configured on the data source via stealing the configuration file.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2024.2.8.0 (исключая)Версия до 2024.2.8.0 (исключая)
Одно из
cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:free:windows:*:*
cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:team:windows:*:*
EPSS
Процентиль: 42%
0.00197
Низкий
4.7 Medium
CVSS3
Дефекты
CWE-212
Связанные уязвимости
CVSS3: 4.7
github
больше 1 года назад
Improper removal of sensitive information in data source export feature in Devolutions Remote Desktop Manager 2024.1.32.0 and earlier on Windows allows an attacker that obtains the exported settings to recover powershell credentials configured on the data source via stealing the configuration file.
EPSS
Процентиль: 42%
0.00197
Низкий
4.7 Medium
CVSS3
Дефекты
CWE-212