First published: Mon Mar 06 2023(Updated: )
Improper removal of sensitive data in the entry edit feature of Hub Business submodule in Devolutions Remote Desktop Manager PowerShell Module 2022.3.1.5 and earlier allows an authenticated user to access sensitive data on entries that were edited using the affected submodule.
Credit: security@devolutions.net
Affected Software | Affected Version | How to fix |
---|---|---|
Devolutions Remote Desktop Manager | <2022.3.1.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2023-1203.
The title of this vulnerability is 'Improper removal of sensitive data in the entry edit feature of Hub Business submodule in Devolution…'.
The severity of CVE-2023-1203 is medium with a CVSS score of 6.5.
The versions affected by CVE-2023-1203 are Devolutions Remote Desktop Manager PowerShell Module 2022.3.1.5 and earlier (up to exclusive version 2022.3.1.6).
An authenticated user can exploit this vulnerability to access sensitive data on entries that were edited using the affected Hub Business submodule in Devolutions Remote Desktop Manager PowerShell Module.