CVE Vulnerabilities

CVE-2024-6492

Insufficiently Protected Credentials

Published: Jul 16, 2024 | Modified: Mar 28, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io minimus.io echohq.com

Exposure of Sensitive Information in edge browser session proxy feature in Devolutions Remote Desktop Manager 2024.2.14.0 and earlier on Windows allows an attacker to intercept proxy credentials via a specially crafted website.

Weakness

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

Affected Software

Name Vendor Start Version End Version
Remote_desktop_manager Devolutions * 2024.2.15.0 (excluding)

Potential Mitigations

References