Vulnerabilities > CVE-2023-7047 - Unspecified vulnerability in Devolutions Remote Desktop Manager

047910
CVSS 4.4 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
NONE
local
low complexity
devolutions
NVD
Published: 2023-12-21
Updated: 2024-10-29

Summary

Inadequate validation of permissions when employing remote tools and macros via the context menu within Devolutions Remote Desktop Manager versions 2023.3.31 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature. This affects only SQL data sources.

Vulnerable Configurations

Part Description Count
Application
Devolutions
212
OS
Microsoft
1

References