What is CVE-2022-3781?

CVE-2022-3781 is a medium-severity vulnerability in Devolutions Server, classified under Missing Encryption of Sensitive Data. CVSS score: 6.5/10. Published 2022-11-01.

How severe is CVE-2022-3781?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Devolutions Server

CVE-2022-3781

Dashlane password and Keepass Server password in My Account Settings are not encrypted in the database in Devolutions Remote Desktop Manager 2022.2.26 and prior versions and Devolutions Server 2022.3.1 and prior versions which allows data…

EPSS: 0.004 (34.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected products

Devolutions Server — versions 0
Devolutions Devolutions_server
Devolutions Remote Desktop Manager — versions 0
Devolutions Remote_desktop_manager

Weakness classification (CWE)

References

security@devolutions.net (Vendor Advisory)

Frequently asked questions

What is CVE-2022-3781?: CVE-2022-3781 is a medium-severity vulnerability in Devolutions Server, classified under Missing Encryption of Sensitive Data. CVSS score: 6.5/10. Published 2022-11-01.
How severe is CVE-2022-3781?: Medium severity. CVSS v3 base score is 6.5 out of 10.