2022.3.24

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

devolutions

NVD

Published: 2022-12-12

Updated: 2023-11-07

Summary

Elevation of privilege in the Azure SQL Data Source in Devolutions Remote Desktop Manager 2022.3.13 to 2022.3.24 allows an authenticated user to spoof a privileged account.

Vulnerable Configurations

Part	Description	Count
Application	Devolutions Devolutions Remote Desktop Manager 2022.3.13 Devolutions Remote Desktop Manager 2022.3.24	2

References

https://devolutions.net/security/advisories/DEVO-2022-0010