Описание
Improper authentication in the vault password feature in Devolutions Remote Desktop Manager 2024.1.31.0 and earlier allows an attacker that has compromised an access to an RDM instance to bypass the vault master password via the offline mode feature.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2024.1.32.0 (исключая)Версия до 2024.1.32.0 (исключая)
Одно из
cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:free:windows:*:*
cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:team:windows:*:*
EPSS
Процентиль: 47%
0.00238
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-287
Связанные уязвимости
CVSS3: 9.8
github
больше 1 года назад
Improper authentication in the vault password feature in Devolutions Remote Desktop Manager 2024.1.31.0 and earlier allows an attacker that has compromised an access to an RDM instance to bypass the vault master password via the offline mode feature.
EPSS
Процентиль: 47%
0.00238
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-287