Devolutions: >> Devolutions Server >> 2022.2.0 Security Vulnerabilities
Improper access controls on entries in Devolutions Server
2022.3.12 and earlier could allow an authenticated user to access
sensitive data without proper authorization.
CVSS Score
6.5
EPSS Score
0.002
Published
2023-03-01
Insufficient input sanitization in the documentation feature of Devolutions Server 2022.3.12 and earlier allows an authenticated attacker to perform an SQL Injection, potentially resulting in unauthorized access to system resources.
CVSS Score
8.8
EPSS Score
0.004
Published
2023-03-01
Dashlane password and Keepass Server password in My Account SettingsĀ are not encrypted in the database in Devolutions Remote Desktop Manager 2022.2.26 and prior versions and Devolutions Server 2022.3.1 and prior versions which allows database users to read the data.
This issue affects :
Remote Desktop Manager 2022.2.26 and prior versions.
Devolutions Server 2022.3.1 and prior versions.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-11-01
Page 6