Vulnerabilities > Devolutions > Remote Desktop Manager > 2023.3.31.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-25 | CVE-2024-7421 | Information Exposure Through Log Files vulnerability in Devolutions Remote Desktop Manager An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows allows local attackers with access to system logs to obtain session credentials via passwords included in command-line arguments when launching WinSCP sessions | 5.5 |
| 2024-03-13 | CVE-2024-2403 | Incomplete Cleanup vulnerability in Devolutions Remote Desktop Manager Improper cleanup in temporary file handling component in Devolutions Remote Desktop Manager 2024.1.12 and earlier on Windows allows an attacker that compromised a user endpoint, under specific circumstances, to access sensitive information via residual files in the temporary directory. | 5.9 |
| 2024-01-31 | CVE-2024-0589 | Cross-site Scripting vulnerability in Devolutions Remote Desktop Manager Cross-site scripting (XSS) vulnerability in the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and earlier on Windows allows an attacker with access to a data source to inject a malicious script via a specially crafted input in an entry. | 5.4 |
| 2023-12-21 | CVE-2023-7047 | Unspecified vulnerability in Devolutions Remote Desktop Manager Inadequate validation of permissions when employing remote tools and macros via the context menu within Devolutions Remote Desktop Manager versions 2023.3.31 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature. | 4.4 |