Описание
Apache Guacamole 1.1.0 and older do not properly validate datareceived from RDP servers via static virtual channels. If a userconnects to a malicious or compromised RDP server, specially-craftedPDUs could result in disclosure of information within the memory ofthe guacd process handling the connection.
Ссылки
- Third Party Advisory
- Mailing ListVendor Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Mailing ListVendor Advisory
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Одно из
EPSS
4.4 Medium
CVSS3
1.2 Low
CVSS2
Дефекты
Связанные уязвимости
Apache Guacamole 1.1.0 and older do not properly validate datareceived from RDP servers via static virtual channels. If a userconnects to a malicious or compromised RDP server, specially-craftedPDUs could result in disclosure of information within the memory ofthe guacd process handling the connection.
Apache Guacamole 1.1.0 and older do not properly validate datareceived ...
Apache Guacamole 1.1.0 and older do not properly validate datareceived from RDP servers via static virtual channels. If a userconnects to a malicious or compromised RDP server, specially-craftedPDUs could result in disclosure of information within the memory ofthe guacd process handling the connection.
EPSS
4.4 Medium
CVSS3
1.2 Low
CVSS2