Unencrypted Password Vulnerability in Devolutions Remote Desktop Manager and Devolutions Server

Unencrypted Password Vulnerability in Devolutions Remote Desktop Manager and Devolutions Server

CVE-2022-3781 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Dashlane password and Keepass Server password in My Account Settings  are not encrypted in the database in Devolutions Remote Desktop Manager 2022.2.26 and prior versions and Devolutions Server 2022.3.1 and prior versions which allows database users to read the data. This issue affects : Remote Desktop Manager 2022.2.26 and prior versions. Devolutions Server 2022.3.1 and prior versions.

Learn more about our Cis Benchmark Audit For Desktop Software.