CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-1980
https://notcve.org/view.php?id=CVE-2023-1980
11 Apr 2023 — Two factor authentication bypass on login in Devolutions Remote Desktop Manager 2022.3.35 and earlier allow user to cancel the two factor authentication via the application user interface and open entries. • https://devolutions.net/security/advisories/DEVO-2023-0009 • CWE-287: Improper Authentication •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-1202
https://notcve.org/view.php?id=CVE-2023-1202
23 Mar 2023 — Permission bypass when importing or synchronizing entries in User vault in Devolutions Remote Desktop Manager 2023.1.9 and prior versions allows users with restricted rights to bypass entry permission via id collision. Permission bypass when importing or synchronizing entries in User vault in Devolutions Remote Desktop Manager 2023.1.9 and prior versions allows users with restricted rights to bypass entry permission via id collision. • https://devolutions.net/security/advisories/DEVO-2023-0008 • CWE-863: Incorrect Authorization •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-1574
https://notcve.org/view.php?id=CVE-2023-1574
22 Mar 2023 — Information disclosure in the user creation feature of a MSSQL data source in Devolutions Remote Desktop Manager 2023.1.9 and below on Windows allows an attacker with access to the user interface to obtain sensitive information via the error message dialog that displays the password in clear text. • https://devolutions.net/security/advisories/DEVO-2023-0006 • CWE-522: Insufficiently Protected Credentials •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-4287
https://notcve.org/view.php?id=CVE-2022-4287
20 Dec 2022 — Authentication bypass in local application lock feature in Devolutions Remote Desktop Manager 2022.3.26 and earlier on Windows allows malicious user to access the application. La omisión de autenticación en la función de bloqueo de aplicaciones locales en Devolutions Remote Desktop Manager 2022.3.26 y versiones anteriores en Windows permite que usuarios malintencionados accedan a la aplicación. • https://devolutions.net/security/advisories/DEVO-2022-0011 •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3641
https://notcve.org/view.php?id=CVE-2022-3641
07 Dec 2022 — Elevation of privilege in the Azure SQL Data Source in Devolutions Remote Desktop Manager 2022.3.13 to 2022.3.24 allows an authenticated user to spoof a privileged account. La elevación de privilegios en la fuente de datos SQL de Azure en Devolutions Remote Desktop Manager 2022.3.13 a 2022.3.24 permite a un usuario autenticado falsificar una cuenta privilegiada. • https://devolutions.net/security/advisories/DEVO-2022-0010 •