PT-2023-16818 · Devolutions · Devolutions Remote Desktop Manager Powershell Module
Published
2023-03-06
·
Updated
2023-03-15
·
CVE-2023-1203
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Devolutions Remote Desktop Manager PowerShell Module versions 2022.3.1.5 and earlier
Description
The issue is related to the improper removal of sensitive data in the entry edit feature of the Hub Business submodule. This allows an authenticated user to access sensitive data on entries that were edited using the affected submodule.
Recommendations
For versions 2022.3.1.5 and earlier, update to a version that contains a fix for this issue to prevent unauthorized access to sensitive data.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Devolutions Remote Desktop Manager Powershell Module