CVE-2022-24883
Published: 26 April 2022
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). Prior to version 2.7.0, server-side authentication against a `SAM` file may succeed for invalid credentials if the server has configured an invalid `SAM` file path. FreeRDP-based clients are not affected; RDP server implementations that use FreeRDP to authenticate against a `SAM` file are affected. Version 2.7.0 contains a fix for this issue. As a workaround, use custom authentication via `HashCallback` and/or ensure that the configured `SAM` database path is valid and that the application has file handles left.
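The failure mode described above, as an added illustration that is not FreeRDP's code: a SAM-file authenticator whose success status is already set when `fopen()` on the SAM file fails, so an invalid path authenticates any credential (fail-open), beside a fail-closed version that treats an unreadable file as a rejection. The simplified `user:hash` record format, the file name and the hash value are constructed for this example.

```c
/* Added example, not FreeRDP's code: an authenticator whose success flag is
 * already set when fopen() on the SAM file fails, so a bad SAM path returns
 * success (fail-open), beside the fail-closed fix. SAM format simplified. */
#include <stdio.h>
#include <string.h>

/* 1 = "user:hash" record matches, 0 = no match, -1 = file cannot be opened. */
static int sam_lookup(const char *path, const char *user, const char *hash)
{
    char line[256];
    int found = 0;
    FILE *f = fopen(path, "r");
    if (!f) return -1;
    while (!found && fgets(line, sizeof line, f)) {
        line[strcspn(line, "\r\n")] = '\0';
        char *sep = strchr(line, ':');
        if (!sep)
            continue;                        /* malformed record: skip */
        *sep = '\0';
        found = !strcmp(line, user) && !strcmp(sep + 1, hash);
    }
    fclose(f);
    return found;
}

/* Vulnerable shape: returns 1 (authenticated) when the SAM path is bad. */
int auth_fail_open(const char *sam_path, const char *user, const char *hash)
{
    int status = 1;                          /* set once client message parsed */
    int rc = sam_lookup(sam_path, user, hash);
    if (rc >= 0)
        status = rc;                         /* BUG: open failure leaves 1 */
    return status;
}

/* Fixed shape: default deny; an unreadable SAM file is a hard reject. */
int auth_fail_closed(const char *sam_path, const char *user, const char *hash)
{
    return sam_lookup(sam_path, user, hash) == 1;
}

/* Writes a constructed one-record SAM file (not a real hash); 0 on success. */
int write_sample_sam(const char *path)
{
    FILE *f = fopen(path, "w");
    if (!f) return -1;
    fputs("alice:0123456789abcdef\n", f);
    return fclose(f);
}
```

With a nonexistent SAM path, `auth_fail_open` returns 1 for any user and hash while `auth_fail_closed` returns 0; with the sample file present, both reject a wrong hash.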
Priority
Status
Package | Release | Status |
---|---|---|
freerdp | bionic | Needs triage |
freerdp | upstream | Needs triage |
freerdp2 | bionic | Released (2.2.0+dfsg1-0ubuntu0.18.04.3) |
freerdp2 | focal | Released (2.2.0+dfsg1-0ubuntu0.20.04.3) |
freerdp2 | impish | Released (2.3.0+dfsg1-2ubuntu0.2) |
freerdp2 | jammy | Released (2.6.1+dfsg1-3ubuntu2.1) |
freerdp2 | kinetic | Not vulnerable (2.7.0+dfsg1-1) |
freerdp2 | lunar | Not vulnerable (2.7.0+dfsg1-1) |
freerdp2 | upstream | Released (2.7.0+dfsg1-1) |
Patches:
upstream: https://github.com/FreeRDP/FreeRDP/commit/4661492e5a617199457c8074bad22f766a116cdc
upstream: https://github.com/FreeRDP/FreeRDP/commit/6f473b273a4b6f0cb6aca32b95e22fd0de88e144
upstream: https://github.com/FreeRDP/FreeRDP/commit/52f3e5139f7c75258b95ac49f53b8ca49e63f1e2 (2.x)
Severity score breakdown
Parameter | Value |
---|---|
Base score | 9.8 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |