Lucene search

[email protected]NVD:CVE-2024-32661

HistoryApr 23, 2024 - 8:15 p.m.

CVE-2024-32661

2024-04-2320:15:07

CWE-476

[email protected]

web.nvd.nist.gov

freerdp

remote desktop protocol

vulnerability

patch

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.4%

JSON

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to a possible NULL access and crash. Version 3.5.1 contains a patch for the issue. No known workarounds are available.

References

github.com/FreeRDP/FreeRDP/commit/71e463e31b4d69f4022d36bfc814592f56600793

github.com/FreeRDP/FreeRDP/security/advisories/GHSA-p5m5-342g-pv9m

lists.fedoraproject.org/archives/list/[email protected]/message/5JL476WVJSIE7SBUKVJRVA6A52V2HOLZ/

lists.fedoraproject.org/archives/list/[email protected]/message/7SIS6NUNLUBOV4CPCSWKDE6T6C2W3WTR/

lists.fedoraproject.org/archives/list/[email protected]/message/PX3U6YPZQ7PEJBVKSBUOLWVH7DHROHY5/

lists.fedoraproject.org/archives/list/[email protected]/message/ZKI4UISUXYNBPN4K6TIQKDRTIJ6CDCKJ/

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.4%

JSON

Related for NVD:CVE-2024-32661

amazon1 veracode1 osv3 cgr1 ubuntucve1 cvelist1 nessus11 cve1 debiancve1 redhatcve1 wolfi1 ubuntu2 openvas7 fedora4