Lucene search
K

240 matches found

CVE
CVE
added 2024/11/25 2:46 p.m.65 views

CVE-2024-11671

CVE-2024-11671 concerns Devolutions Remote Desktop Manager on Windows. Multiple sources confirm an improper authentication flaw in the SQL data source MFA validation, enabling an authenticated user to bypass MFA by switching data sources. Affected product/version: Devolutions Remote Desktop Manag...

5.4CVSS7.7AI score0.00513EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/11/25 2:46 p.m.26 views

CVE-2024-11671

Improper authentication in SQL data source MFA validation in Devolutions Remote Desktop Manager 2024.3.17 and earlier on Windows allows an authenticated user to bypass the MFA validation via data source switching...

0.00513EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/25 2:46 p.m.12 views

CVE-2024-11671

Improper authentication in SQL data source MFA validation in Devolutions Remote Desktop Manager 2024.3.17 and earlier on Windows allows an authenticated user to bypass the MFA validation via data source switching...

5.9AI score0.00513EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/25 2:46 p.m.19 views

CVE-2024-11672

Incorrect authorization in the add permission component in Devolutions Remote Desktop Manager 2024.2.21 and earlier on Windows allows an authenticated malicious user to bypass the "Add" permission via the import in vault feature...

0.00535EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/25 2:46 p.m.11 views

CVE-2024-11672

Incorrect authorization in the add permission component in Devolutions Remote Desktop Manager 2024.2.21 and earlier on Windows allows an authenticated malicious user to bypass the "Add" permission via the import in vault feature...

4.6AI score0.00535EPSS
Exploits0References1
CVE
CVE
added 2024/11/25 2:46 p.m.64 views

CVE-2024-11672

CVE-2024-11672 affects Devolutions Remote Desktop Manager, with incorrect authorization in the Add permission component prior to 2024.2.22 on Windows. An authenticated user could bypass the Add permission via the vault import feature, exposing integrity (LOW) but not confidentiality/availability ...

4.3CVSS6.9AI score0.00535EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/10/18 12:0 a.m.4 views

Devolutions Remote Desktop Manager Installed (Windows)

Binary data devolutionsdesktopmanagerwininstalled.nbin...

7.3AI score
Exploits0References1
Cvelist
Cvelist
added 2024/09/25 3:12 p.m.19 views

CVE-2024-7421

An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows allows local attackers with access to system logs to obtain session credentials via passwords included in command-line arguments when launching WinSCP sessions...

0.00152EPSS
Exploits0References1
CVE
CVE
added 2024/09/25 3:12 p.m.78 views

CVE-2024-7421

The vulnerability CVE-2024-7421 affects Devolutions Remote Desktop Manager (versions up to 2024.2.20.0) on Windows. The issue is an information exposure where credentials used for WinSCP sessions can be retrieved by local attackers who can access system logs, via passwords found in command-line a...

5.5CVSS6.5AI score0.00152EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/09/25 3:12 p.m.13 views

CVE-2024-7421

An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows allows local attackers with access to system logs to obtain session credentials via passwords included in command-line arguments when launching WinSCP sessions...

6.5AI score0.00152EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/08/02 12:0 a.m.8 views

PT-2024-6667 · Devolutions · Devolutions Remote Desktop Manager

Name of the Vulnerable Software and Affected Versions: Devolutions Remote Desktop Manager versions 2024.2.20.0 and earlier Description: The issue is related to an information exposure that allows local attackers with access to system logs to obtain session credentials. This occurs via passwords...

5.5CVSS6.6AI score0.00152EPSS
Exploits0References10
CVE
CVE
added 2024/07/16 6:16 p.m.52 views

CVE-2024-6492

Affected software: Devolutions Remote Desktop Manager (Windows)

7.4CVSS6.9AI score0.00599EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/06/26 5:15 p.m.21 views

CVE-2024-6354

Improper access control in PAM dashboard in Devolutions Remote Desktop Manager 2024.2.11 and earlier on Windows allows an authenticated user to bypass the execute permission via the use of the PAM dashboard...

7.2CVSS0.00786EPSS
Exploits0References1
OSV
OSV
added 2024/06/26 5:15 p.m.3 views

CVE-2024-6354

Improper access control in PAM dashboard in Devolutions Remote Desktop Manager 2024.2.11 and earlier on Windows allows an authenticated user to bypass the execute permission via the use of the PAM dashboard...

7.2CVSS5.8AI score0.00786EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/26 4:20 p.m.14 views

CVE-2024-6354

Improper access control in PAM dashboard in Devolutions Remote Desktop Manager 2024.2.11 and earlier on Windows allows an authenticated user to bypass the execute permission via the use of the PAM dashboard...

7AI score0.00786EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/26 4:20 p.m.23 views

CVE-2024-6354

Improper access control in PAM dashboard in Devolutions Remote Desktop Manager 2024.2.11 and earlier on Windows allows an authenticated user to bypass the execute permission via the use of the PAM dashboard...

0.00786EPSS
Exploits0References1
NVD
NVD
added 2024/06/17 1:15 p.m.21 views

CVE-2024-6057

Improper authentication in the vault password feature in Devolutions Remote Desktop Manager 2024.1.31.0 and earlier allows an attacker that has compromised an access to an RDM instance to bypass the vault master password via the offline mode feature...

9.8CVSS0.00921EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/17 1:10 p.m.29 views

CVE-2024-6057

Improper authentication in the vault password feature in Devolutions Remote Desktop Manager 2024.1.31.0 and earlier allows an attacker that has compromised an access to an RDM instance to bypass the vault master password via the offline mode feature...

0.00921EPSS
Exploits0References1
CVE
CVE
added 2024/06/17 1:10 p.m.52 views

CVE-2024-6057

CVE-2024-6057 affects Devolutions Remote Desktop Manager (RDM) 2024.1.31.0 and earlier, specifically the vault password feature. The underlying issue is improper authentication that could allow an attacker who already has access to an RDM instance to bypass the vault master password via the offli...

9.8CVSS7AI score0.00921EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/17 1:10 p.m.15 views

CVE-2024-6057

Improper authentication in the vault password feature in Devolutions Remote Desktop Manager 2024.1.31.0 and earlier allows an attacker that has compromised an access to an RDM instance to bypass the vault master password via the offline mode feature...

7.4AI score0.00921EPSS
Exploits0References1
Rows per page
Query Builder