Improper authentication in the vault password feature in Devolutions Remote Desktop Manager 2024.1.31.0 and earlier allows an attacker that has compromised an access to an RDM instance to bypass the vault master password via the offline mode feature.
History

Thu, 29 Aug 2024 21:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-287
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: DEVOLUTIONS

Published:

Updated: 2024-08-29T20:09:51.084Z

Reserved: 2024-06-17T13:01:27.989Z

Link: CVE-2024-6057

cve-icon Vulnrichment

Updated: 2024-08-01T21:25:03.229Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-06-17T13:15:53.800

Modified: 2024-11-21T09:48:51.630

Link: CVE-2024-6057

cve-icon Redhat

No data.