First published: Tue Nov 01 2022(Updated: )
Database connections on deleted users could stay active on MySQL data sources in Remote Desktop Manager 2022.3.7 and below which allow deleted users to access unauthorized data. This issue affects : Remote Desktop Manager 2022.3.7 and prior versions.
Credit: security@devolutions.net security@devolutions.net
Affected Software | Affected Version | How to fix |
---|---|---|
Devolutions Remote Desktop Manager | <2022.3.8 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2022-3780.
The severity of CVE-2022-3780 is high with a score of 7.5.
Remote Desktop Manager 2022.3.7 and prior versions are affected by CVE-2022-3780.
CVE-2022-3780 allows deleted users to access unauthorized data.
Update to Remote Desktop Manager version 2022.3.8 or later to fix CVE-2022-3780.