Improper removal of sensitive information in data source export feature in Devolutions Remote Desktop Manager 2024.1.32.0 and earlier on Windows allows an attacker that obtains the exported settings to recover powershell credentials configured on the data source via stealing the configuration file.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://devolutions.net/security/advisories/DEVO-2024-0008 |
History
Wed, 30 Oct 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-212 | |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: DEVOLUTIONS
Published: 2024-06-17T12:55:28.759Z
Updated: 2024-10-30T19:14:03.801Z
Reserved: 2024-06-17T12:41:04.564Z
Link: CVE-2024-6055
Vulnrichment
Updated: 2024-08-01T21:25:03.279Z
NVD
Status : Awaiting Analysis
Published: 2024-06-17T13:15:53.697
Modified: 2024-11-21T09:48:51.270
Link: CVE-2024-6055
Redhat
No data.