1222 matches found
CVE-2023-1939
CVE-2023-1939 concerns a lack of access control for the OTP key on OTP entries in Devolutions Remote Desktop Manager. Affected products: Windows 2022.3.33.0 and prior; Linux 2022.3.2.0 and prior. Impact: non-admin users can view OTP keys via the user interface. Root cause: insufficient authorizat...
CVE-2023-1980
Two factor authentication bypass on login in Devolutions Remote Desktop Manager 2022.3.35 and earlier allow user to cancel the two factor authentication via the application user interface and open entries...
CVE-2023-1980
CVE-2023-1980: Devolutions Remote Desktop Manager (versions ≤ 2022.3.35) contains a two-factor authentication bypass that lets an attacker cancel 2FA via the application UI and access entries. The vulnerability is evidenced in multiple databases (NVD, CVE listings) with a CVSSv3.1 base score of 6...
CVE-2023-1980
Two factor authentication bypass on login in Devolutions Remote Desktop Manager 2022.3.35 and earlier allow user to cancel the two factor authentication via the application user interface and open entries...
Devolutions Remote Desktop Manager 安全漏洞
Devolutions Remote Desktop Manager is an application from Devolutions Canada. It provides remote desktop management functionality. A security vulnerability exists in Devolutions Remote Desktop Manager version 2022.3.35 and earlier, which originates from allowing users to cancel two-factor...
CVE-2023-1603
Permission bypass when importing or synchronizing entries in User vault in Devolutions Server 2022.3.13 and prior versions allows users with restricted rights to bypass entry permission via id collision...
CVE-2023-1580
Uncontrolled resource consumption in the logging feature in Devolutions Gateway 2023.1.1 and earlier allows an attacker to cause a denial of service by filling up the disk and render the system unusable...
CVE-2023-1574
Information disclosure in the user creation feature of a MSSQL data source in Devolutions Remote Desktop Manager 2023.1.9 and below on Windows allows an attacker with access to the user interface to obtain sensitive information via the error message dialog that displays the password in clear text...
CVE-2023-1603
Permission bypass when importing or synchronizing entries in User vault in Devolutions Server 2022.3.13 and prior versions allows users with restricted rights to bypass entry permission via id collision...
CVE-2023-1202
Permission bypass when importing or synchronizing entries in User vault in Devolutions Remote Desktop Manager 2023.1.9 and prior versions allows users with restricted rights to bypass entry permission via id collision...
CVE-2023-1580
Uncontrolled resource consumption in the logging feature in Devolutions Gateway 2023.1.1 and earlier allows an attacker to cause a denial of service by filling up the disk and render the system unusable...
Design/Logic Flaw
Uncontrolled resource consumption in the logging feature in Devolutions Gateway 2023.1.1 and earlier allows an attacker to cause a denial of service by filling up the disk and render the system unusable...
Authentication flaw
Permission bypass when importing or synchronizing entries in User vault in Devolutions Remote Desktop Manager 2023.1.9 and prior versions allows users with restricted rights to bypass entry permission via id collision...
Information disclosure
Information disclosure in the user creation feature of a MSSQL data source in Devolutions Remote Desktop Manager 2023.1.9 and below on Windows allows an attacker with access to the user interface to obtain sensitive information via the error message dialog that displays the password in clear text...
Authentication flaw
Permission bypass when importing or synchronizing entries in User vault in Devolutions Server 2022.3.13 and prior versions allows users with restricted rights to bypass entry permission via id collision...
Devolutions Server 安全漏洞
Devolutions Server is an application from Devolutions Canada. provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2022.3.13 and prior versions that originates from a privilege bypass when importing or synchronizin...
Devolutions Gateway 资源管理错误漏洞
Devolutions Gateway is a fast relay server from Devolutions Canada that adapts to different protocols and required traffic inspection levels. A security vulnerability exists in Devolutions Gateway version 2023.1.1 and prior versions that stems from uncontrolled resource consumption in the logging...
Devolutions Remote Desktop Manager 安全漏洞
Devolutions Remote Desktop Manager is an application from Devolutions Canada. It provides remote desktop management functionality. A security vulnerability exists in Devolutions Remote Desktop Manager version 2023.1.9 and prior versions, which arises from a vulnerability that allows users with...
Devolutions Remote Desktop Manager 安全漏洞
Devolutions Remote Desktop Manager is an application from Devolutions Canada. It provides remote desktop management functionality. A security vulnerability exists in Devolutions Remote Desktop Manager 2023.1.9 and earlier, which stems from an information disclosure vulnerability that could allow ...
CVE-2023-1603
Permission bypass when importing or synchronizing entries in User vault in Devolutions Server 2022.3.13 and prior versions allows users with restricted rights to bypass entry permission via id collision...