Lucene search

[email protected]CVE-2022-26940

HistoryMay 10, 2022 - 9:15 p.m.

CVE-2022-26940

2022-05-1021:15:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

136

cve

2022

26940

remote desktop protocol

client

information disclosure

vulnerability

nvd

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

7.6 High

AI Score

Confidence

High

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.038 Low

EPSS

Percentile

91.7%

JSON

Remote Desktop Protocol Client Information Disclosure Vulnerability

VendorProductVersionCPE
microsoftremote_desktop*cpe:2.3:a:microsoft:remote_desktop:*:*:*:*:*:*:*:*
microsoftwindows_server_2022*cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
microsoftwindows_11_21h2*cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	remote_desktop	*	cpe:2.3:a:microsoft:remote_desktop::::::::
microsoft	windows_server_2022	*	cpe:2.3:o:microsoft:windows_server_2022::::::::
microsoft	windows_11_21h2	*	cpe:2.3:o:microsoft:windows_11_21h2::::::::