Lucene search

K
freebsdFreeBSDBA94433C-7890-11ED-859E-1C61B4739AC9
HistoryDec 01, 2022 - 12:00 a.m.

xrdp -- multiple vulnerabilities

2022-12-0100:00:00
vuxml.freebsd.org
14
xrdp
security vulnerabilities
cve-2022-23468
cve-2022-23477
team bt5

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

57.6%

xrdp project reports:

This update is recommended for all xrdp users and provides following important security fixes:

CVE-2022-23468
CVE-2022-23477
CVE-2022-23478
CVE-2022-23479
CVE-2022-23480
CVE-2022-23481
CVE-2022-23483
CVE-2022-23482
CVE-2022-23484
CVE-2022-23493

These security issues are reported by Team BT5 (BoB 11th). We appreciate their great help with making and reviewing patches.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchxrdp< 0.9.21UNKNOWN

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

57.6%