First published: Tue Jan 24 2023(Updated: )
The force offline MFA prompt setting is not respected when switching to offline mode in Devolutions Remote Desktop Manager 2022.3.29 to 2022.3.30 allows a user to save sensitive data on disk.
Credit: security@devolutions.net
Affected Software | Affected Version | How to fix |
---|---|---|
Devolutions Remote Desktop Manager | =2022.3.29 | |
Devolutions Remote Desktop Manager | =2022.3.30 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2023-0463.
The title of the vulnerability is 'The force offline MFA prompt setting is not respected when switching to offline mode in Devolutions Remote Desktop Manager 2022.3.29 to 2022.3.30 allows a user to save sensitive data on disk.'
Devolutions Remote Desktop Manager 2022.3.29 and 2022.3.30 are affected by this vulnerability.
The severity of the vulnerability is low (CVSS score 3.3).
There is no specific fix mentioned in the reference link provided, so it is recommended to update to the latest version of Devolutions Remote Desktop Manager to mitigate the vulnerability.