Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-6593: Devolutions

Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on iOS allows an attacker that has access to the application to execute entries in a SQL data source without restriction.

CVE
#sql#vulnerability#ios

DEVO-2023-0023****Summary

Remote Desktop Manager iOS is affected by a vulnerability.

Affected Products

Remote Desktop Manager iOS 2023.3.4.0 and earlier

Change Log

2023-12-12 - Initial publication

Severity

Low

Product

Remote Desktop Manager iOS

Fix Version

2023.3.5.0

Client side permission bypass in Remote Desktop Manager iOS****Description

Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on iOS allows an attacker that has access to the application to execute entries in a SQL data source without restriction.

Remediation and Workarounds

Upgrade to Remote Desktop Manager iOS 2023.3.5.0 or higher

Severity

2.3 Low - CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/U:Green

Affected Products

Remote Desktop Manager iOS 2023.3.4.0 and earlier

CVE(s)

CVE-2023-6593

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907