The affected software discloses password hashes of other users upon request. This issue affects: Devolutions Remote Desktop Manager 2022.1.24 version and prior versions.Ī vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6). A caching issue can cause sensitive fields to sometimes stay revealed when closing and reopening a panel, which could lead to involuntarily disclosing sensitive information. Jenkins Squash TM Publisher (Squash4Jenkins) Plugin 1.0.0 and earlier stores passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.Ī lack of password masking in Devolutions Remote Desktop Manager allows physically proximate attackers to observe sensitive data. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. A plaintext HTTP request can lead to a disclosure of login credentials.
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the ADRMS username and password via unprotected log files containing plain textĪn information disclosure vulnerability exists in the License registration functionality of Bachmann Visutec GmbH Atvise 3.5.4, 3.6 and 3.7.
Please take the time to watch a video on our YouTube channel that presents an excellent overview of using these new features : As always, use our forums to ask questions and get help in case you run into issues, and use our online help to get all the configuration details.Cleartext Storage of Sensitive Information in Memory vulnerability in Microsoft Windows client in McAfee True Key (TK) prior to 6.2.109.2 allows a local user logged in with administrative privileges to access to another user’s passwords on the same machine via triggering a process dump in specific situations. With our latest improvements you have access to that shared information directly from within Remote Desktop Manager, it’s totally seamless! Want to know more? The Entreprise subscription level of LastPass allows you to share logins between individuals. This allows you to still store your credentials in LastPass, and link directly from Remote Desktop Manager while maintaining a high level of security. LastPass supports many two-factor authentication services, but we started by implementing support for the two solutions that Remote Desktop Manager already supported : Yubikey and Google Authenticator. The two areas we addressed are the Two-Factor authentication and the Shared Folders. Being a credential management tool used by many users or our community, we felt it was important to enrich Remote Desktop Manager’s integration with LastPass. Hello everyone, LastPass has implemented subscription plans for personal as well as Enterprise users, and has added features to all of their plans.