CVE-2022-3780 - AskarLabs CVE Database

CVE-2022-3780

Vendor Devolutions

Product Remote Desktop Manager

Weakness CWE-284

Published November 1, 2022

Last update May 5, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Database connections on deleted users could stay active on MySQL data sources in Remote Desktop Manager 2022.3.7 and below which allow deleted users to access unauthorized data. This issue affects : Remote Desktop Manager 2022.3.7 and prior versions.

Key dates

02Disclosure timeline

November 1, 2022 CVE published

May 5, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-3780 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/284.html

Related vulnerabilities

04Related CVE

CVE-2022-4684 Improper Access Control in usememos/memos CVE-2022-1656 JupiterX Theme <= 2.0.6 and JupiterX Core <= 2.0.6 - Authenticated Arbitrary Plugin Deactivation and Settings Modification CVE-2025-47989 Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability CVE-2020-7278 McAfee firewall rules not enforced correctly CVE-2024-1476 Under Construction / Maintenance Mode from Acurax <= 2.6 - Information Exposure