CVE-2022-24883
Published: 26 April 2022
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). Prior to version 2.7.0, server side authentication against a `SAM` file might be successful for invalid credentials if the server has configured an invalid `SAM` file path. FreeRDP based clients are not affected. RDP server implementations using FreeRDP to authenticate against a `SAM` file are affected. Version 2.7.0 contains a fix for this issue. As a workaround, use custom authentication via `HashCallback` and/or ensure the `SAM` database path configured is valid and the application has file handles left.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
freerdp Launchpad, Ubuntu, Debian |
bionic |
Needs triage
|
| upstream |
Needs triage
|
|
|
freerdp2 Launchpad, Ubuntu, Debian |
bionic |
Released
(2.2.0+dfsg1-0ubuntu0.18.04.3)
|
| focal |
Released
(2.2.0+dfsg1-0ubuntu0.20.04.3)
|
|
| impish |
Released
(2.3.0+dfsg1-2ubuntu0.2)
|
|
| jammy |
Released
(2.6.1+dfsg1-3ubuntu2.1)
|
|
| kinetic |
Not vulnerable
(2.7.0+dfsg1-1)
|
|
| lunar |
Not vulnerable
(2.7.0+dfsg1-1)
|
|
| upstream |
Released
(2.7.0+dfsg1-1)
|
|
| mantic |
Not vulnerable
(2.7.0+dfsg1-1)
|
|
|
Patches: upstream: https://github.com/FreeRDP/FreeRDP/commit/4661492e5a617199457c8074bad22f766a116cdc upstream: https://github.com/FreeRDP/FreeRDP/commit/6f473b273a4b6f0cb6aca32b95e22fd0de88e144 upstream: https://github.com/FreeRDP/FreeRDP/commit/52f3e5139f7c75258b95ac49f53b8ca49e63f1e2 (2.x) |
||
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 9.8 |
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |