Описание
Exposure of sensitive information in My Personal Credentials password history component in Devolutions Remote Desktop Manager 2024.3.29 and earlier on Windows allows an authenticated user to inadvertently leak the My Personal Credentials in a shared vault via the clear history feature due to faulty business logic.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2024.3.31.0 (исключая)Версия до 2024.3.31.0 (исключая)
Одно из
cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:free:windows:*:*
cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:team:windows:*:*
EPSS
Процентиль: 37%
0.00155
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-200
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 6.5
github
11 месяцев назад
Exposure of sensitive information in My Personnal Credentials password history component in Devolutions Remote Desktop Manager 2024.3.29 and earlier on Windows allows an authenticated user to inadvertently leak the My Personnal Credentials in a shared vault via the clear history feature due to faulty business logic.
EPSS
Процентиль: 37%
0.00155
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-200
NVD-CWE-noinfo