CVE-2024-3545

MEDIUM Year: 2024
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-281
View all →

Vulnerability Description

Improper permission handling in the vault offline cache feature in Devolutions Remote Desktop Manager 2024.1.20 and earlier on windows and Devolutions Server 2024.1.8 and earlier allows an attacker to access sensitive informations contained in the offline cache file by gaining access to a computer where the software is installed even though the offline mode is disabled.

Related Vulnerabilities

CVE-2017-5033

MEDIUM
CVSS:4.3(Medium)

Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android failed to correctly propagate CSP restrictions to local scheme pages, which allowed a remote atta...

CWE-2812017

CVE-2019-14956

MEDIUM
CVSS:4.3(Medium)

JetBrains YouTrack before 2019.2.53938 was using incorrect settings, allowing a user without necessary permissions to get other project names.

CWE-2812019

CVE-2020-13230

MEDIUM
CVSS:4.3(Medium)

In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs).

CWE-2812020

CVE-2021-23963

MEDIUM
CVSS:4.3(Medium)

When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This ...

CWE-2812021

CVE-2022-2787

MEDIUM
CVSS:4.3(Medium)

Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session.

CWE-2812022

CVE-2022-41708

MEDIUM
CVSS:4.3(Medium)

Relatedcode's Messenger version 7bcd20b allows an authenticated external attacker to access existing chats in the workspaces of any user of the application. This is possible because the application do...

CWE-2812022