Описание
Improper authorization in application password policy in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use a configuration different from the one mandated by the system administrators.
This issue affects Remote Desktop Manager versions from 2025.1.24 through 2025.1.25, and all versions up to 2024.3.29.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2024.3.31.0 (исключая)Версия до 2024.3.31.0 (исключая)Версия от 2025.1.24.0 (включая) до 2025.1.26.0 (исключая)Версия от 2025.1.24.0 (включая) до 2025.1.26.0 (исключая)
Одно из
cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:free:windows:*:*
cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:team:windows:*:*
cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:free:windows:*:*
cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:team:windows:*:*
EPSS
Процентиль: 14%
0.00047
Низкий
3.6 Low
CVSS3
Дефекты
CWE-285
Связанные уязвимости
CVSS3: 3.6
github
11 месяцев назад
Improper authorization in application password policy in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use a configuration different from the one mandated by the system administrators. This issue affects Remote Desktop Manager versions from 2025.1.24 through 2025.1.25, and all versions up to 2024.3.29.
EPSS
Процентиль: 14%
0.00047
Низкий
3.6 Low
CVSS3
Дефекты
CWE-285