Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-3641: DEVO-2022-0010

Elevation of privilege in the Azure SQL Data Source in Devolutions Remote Desktop Manager 2022.3.13 to 2022.3.24 allows an authenticated user to spoof a privileged account.

CVE
Open in Source
#sql#auth

Security & Compliance Reporting a Security Issue Advisories

Affected Products

Remote Desktop Manager 2022.3.13 to 2022.3.24.

Change Log

Initial publication - 2022-12-7

Product

Remote Desktop Manager

Summary

Elevation of privilege in the Azure SQL Data Source in Devolutions Remote Desktop Manager 2022.3.13 to 2022.3.24 allows an authenticated user to spoof a privileged account.

Remote Desktop Manager Azure SQL privilege escalation

Description

Elevation of privilege in the Azure SQL Data Source in Devolutions Remote Desktop Manager 2022.3.13 to 2022.3.24 allows an authenticated user to spoof a privileged account.

Remediation and Workarounds

Update to Remote Desktop Manager 2022.3.26 or higher.

Severity

High - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Affected Products

Remote Desktop Manager 2022.3.13 to 2022.3.24

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE