Unrated severityNVD Advisory· Published Apr 9, 2024· Updated Nov 4, 2024

CVE-2024-3545

Description

Improper permission handling in the vault offline cache feature in Devolutions Remote Desktop Manager 2024.1.20 and earlier on windows and Devolutions Server 2024.1.8 and earlier allows an attacker to access sensitive informations contained in the offline cache file by gaining access to a computer where the software is installed even though the offline mode is disabled.

Affected products

Devolutions/Remote Desktop Managerllm-fuzzy2 versions
<=2024.1.20+ 1 more
- (no CPE)range: <=2024.1.20
- (no CPE)range: 0
Kaltura/Serverllm-fuzzy
Range: <=2024.1.8
Devolutions/Serverv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

devolutions.net/security/advisories/DEVO-2024-0006mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000