CVE-2022-1342

A lack of password masking in Devolutions Remote Desktop Manager allows physically proximate attackers to observe sensitive data. A caching issue can cause sensitive fields to sometimes stay revealed when closing and reopening a panel, which could lead to involuntarily disclosing sensitive information. This issue affects: Devolutions Remote Desktop Manager 2022.1.24 version and prior versions.
Configurations

Configuration 1 (hide)

cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:40

Type Values Removed Values Added
References () https://devolutions.net/security/advisories/DEVO-2022-0003 - Vendor Advisory () https://devolutions.net/security/advisories/DEVO-2022-0003 - Vendor Advisory

Information

Published : 2022-06-15 17:15

Updated : 2024-11-21 06:40


NVD link : CVE-2022-1342

Mitre link : CVE-2022-1342

CVE.ORG link : CVE-2022-1342


JSON object : View

Products Affected

devolutions

  • remote_desktop_manager
CWE
CWE-549

Missing Password Field Masking

CWE-522

Insufficiently Protected Credentials