All intelligence
// vulnerability record
live · NVDCVE-2025-1636
MEDIUMpublished 2025-03-13 13:15 UTC · 1 year ago · modified 2026-06-17 08:39 UTC
6.5
CVSS / 10
// description
Exposure of sensitive information in My Personal Credentials password history component in Devolutions Remote Desktop Manager 2024.3.29 and earlier on Windows allows an authenticated user to inadvertently leak the My Personal Credentials in a shared vault via the clear history feature due to faulty business logic.
// cvss 3.1 vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
// weaknesses (CWE)
- CWE-200
- NVD-CWE-noinfo