Improper permission handling in the vault offline cache feature in Devolutions Remote Desktop Manager 2024.1.20 and earlier on windows and Devolutions Server 2024.1.8 and earlier allows an attacker to access sensitive informations contained in the offline cache file by gaining access to a computer where the software is installed even though the offline mode is disabled.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://devolutions.net/security/advisories/DEVO-2024-0006 |
History
Mon, 04 Nov 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-281 | |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: DEVOLUTIONS
Published: 2024-04-09T19:01:43.329Z
Updated: 2024-11-04T16:46:03.419Z
Reserved: 2024-04-09T18:43:05.078Z
Link: CVE-2024-3545
Vulnrichment
Updated: 2024-08-01T20:12:07.633Z
NVD
Status : Awaiting Analysis
Published: 2024-04-09T19:15:41.380
Modified: 2024-11-21T09:29:50.790
Link: CVE-2024-3545
Redhat
No data.