Vulnerabilities > Devolutions > Remote Desktop Manager > 2022.3.16.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-25 | CVE-2023-2282 | Unspecified vulnerability in Devolutions Remote Desktop Manager Improper access control in the Web Login listener in Devolutions Remote Desktop Manager 2023.1.22 and earlier on Windows allows an authenticated user to bypass administrator-enforced Web Login restrictions and gain access to entries via an unexpected vector. | 6.5 |
| 2023-04-11 | CVE-2023-1980 | Unspecified vulnerability in Devolutions Remote Desktop Manager Two factor authentication bypass on login in Devolutions Remote Desktop Manager 2022.3.35 and earlier allow user to cancel the two factor authentication via the application user interface and open entries. | 6.5 |
| 2023-04-02 | CVE-2023-1202 | Incorrect Authorization vulnerability in Devolutions Remote Desktop Manager Permission bypass when importing or synchronizing entries in User vault in Devolutions Remote Desktop Manager 2023.1.9 and prior versions allows users with restricted rights to bypass entry permission via id collision. | 6.5 |
| 2022-12-21 | CVE-2022-4287 | Unspecified vulnerability in Devolutions Remote Desktop Manager Authentication bypass in local application lock feature in Devolutions Remote Desktop Manager 2022.3.26 and earlier on Windows allows malicious user to access the application. | 8.8 |
| 2022-12-12 | CVE-2022-3641 | Unspecified vulnerability in Devolutions Remote Desktop Manager Elevation of privilege in the Azure SQL Data Source in Devolutions Remote Desktop Manager 2022.3.13 to 2022.3.24 allows an authenticated user to spoof a privileged account. | 8.8 |