Permission bypass when importing or synchronizing entriesย in User vault
in Devolutions Remote Desktop Manager 2023.1.9 and prior versions allows users with restricted rights to bypass entry permission via id collision.
[
{
"defaultStatus": "unaffected",
"product": "Remote Desktop Manager",
"vendor": "Devolutions",
"versions": [
{
"lessThanOrEqual": "2023.1.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]