CVE-2023-7047

Inadequate validation of permissions when employing remote tools and 
macros via the context menu within Devolutions Remote Desktop Manager versions 2023.3.31 and 
earlier permits a user to initiate a connection without proper execution
 rights via the remote tools feature. This affects only SQL data sources.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.4 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
DEVOLUTIONSCNA
---
---
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
VendorProductVersion
devolutionsremote_desktop_manager
𝑥
≤ 2023.3.31.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://devolutions.net/security/advisories/DEVO-2023-0024/
https://devolutions.net/security/advisories/DEVO-2023-0024/