CVE-2022-3781

MEDIUM Year: 2022
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-311
View all →

Vulnerability Description

Dashlane password and Keepass Server password in My Account Settings are not encrypted in the database in Devolutions Remote Desktop Manager 2022.2.26 and prior versions and Devolutions Server 2022.3.1 and prior versions which allows database users to read the data. This issue affects : Remote Desktop Manager 2022.2.26 and prior versions. Devolutions Server 2022.3.1 and prior versions.

Related Vulnerabilities

CVE-2010-3299

MEDIUM
CVSS:6.5(Medium)

The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to padding oracle attacks.

CWE-3112010

CVE-2017-12716

MEDIUM
CVSS:6.5(Medium)

Abbott Laboratories Accent and Anthem pacemakers manufactured prior to Aug 28, 2017 transmit unencrypted patient information via RF communications to programmers and home monitoring units. Additionall...

CWE-3112017

CVE-2017-14953

MEDIUM
CVSS:6.5(Medium)

HikVision Wi-Fi IP cameras, when used in a wired configuration, allow physically proximate attackers to trigger association with an arbitrary access point by leveraging a default SSID with no WiFi enc...

CWE-3112017

CVE-2018-4855

MEDIUM
CVSS:6.5(Medium)

A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). Unencrypted storage of passwords in the client configuration files and during network transmission...

CWE-3112018

CVE-2018-5185

MEDIUM
CVSS:6.5(Medium)

Plaintext of decrypted emails can leak through by user submitting an embedded form. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

CWE-3112018

CVE-2019-1003088

MEDIUM
CVSS:6.5(Medium)

Jenkins Fabric Beta Publisher Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the mast...

CWE-3112019