How severe is CVE-2025-5334?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2025-5334?

This is classified as CWE-359, which is a common weakness in software security.

CVE-2025-5334 - HIGH Severity | CVSS 7.5

Vulnerability Description

Exposure of private personal information to an unauthorized actor in the user vaults component of Devolutions Remote Desktop Manager allows an authenticated user to gain unauthorized access to private personal information. Under specific circumstances, entries may be unintentionally moved from user vaults to shared vaults when edited by their owners, making them accessible to other users. This issue affects the following versions : * Remote Desktop Manager Windows 2025.1.34.0 and earlier

Related Vulnerabilities

CVE-2021-36723

HIGH

CVSS:7.5(High)

Emuse - eServices / eNvoice Exposure Of Private Personal Information due to lack of identification mechanisms and predictable IDs an attacker can scrape all the files on the service.

CWE-3592021

CVE-2022-36091

HIGH

CVSS:7.5(High)

XWiki Platform Web Templates are templates for XWiki Platform, a generic wiki platform. Through the suggestion feature, string and list properties of objects the user shouldn't have access to can be a...

CWE-3592022

CVE-2022-41936

HIGH

CVSS:7.5(High)

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The `modifications` rest endpoint does not filter out entries according to the user's rights. T...

CWE-3592022

CVE-2023-2703

HIGH

CVSS:7.5(High)

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Finex Media Competition Management System allows Retrieve Embedded Sensitive Data, Collect Data as Provided by Users....

CWE-3592023

CVE-2023-35151

HIGH

CVSS:7.5(High)

XWiki Platform is a generic wiki platform. Starting in version 7.3-milestone-1 and prior to versions 14.4.8, 14.10.6, and 15.1, ny user can call a REST endpoint and obtain the obfuscated passwords, ev...

CWE-3592023

CVE-2023-5983

HIGH

CVSS:7.5(High)

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Botanik Software Pharmacy Automation allows Retrieve Embedded Sensitive Data.This issue affects Pharmacy Automation: ...

CWE-3592023