Dashlane password and Keepass Server password in My Account Settings are not encrypted in the database in Devolutions Remote Desktop Manager 2022.2.26 and prior versions and Devolutions Server 2022.3.1 and prior versions which allows database users to read the data.
This issue affects :
Remote Desktop Manager 2022.2.26 and prior versions.
Devolutions Server 2022.3.1 and prior versions.
References
Link | Resource |
---|---|
https://devolutions.net/security/advisories/DEVO-2022-0009 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
07 Nov 2023, 03:51
Type | Values Removed | Values Added |
---|---|---|
Summary | Dashlane password and Keepass Server password in My Account Settings are not encrypted in the database in Devolutions Remote Desktop Manager 2022.2.26 and prior versions and Devolutions Server 2022.3.1 and prior versions which allows database users to read the data. This issue affects : Remote Desktop Manager 2022.2.26 and prior versions. Devolutions Server 2022.3.1 and prior versions. |
21 Jul 2023, 20:19
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-522 |
03 Nov 2022, 17:18
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://devolutions.net/security/advisories/DEVO-2022-0009 - Vendor Advisory | |
CWE | CWE-311 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
First Time |
Devolutions devolutions Server
Devolutions remote Desktop Manager Devolutions |
|
CPE | cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:*:*:*:* cpe:2.3:a:devolutions:devolutions_server:*:*:*:*:*:*:*:* |
01 Nov 2022, 19:40
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-11-01 19:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-3781
Mitre link : CVE-2022-3781
CVE.ORG link : CVE-2022-3781
JSON object : View
Products Affected
devolutions
- devolutions_server
- remote_desktop_manager