7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
0.002 Low
EPSS
Percentile
60.9%
Apache Guacamole 1.5.1 and older may incorrectly calculate the lengths of
instruction elements sent during the Guacamole protocol handshake,
potentially allowing an attacker to inject Guacamole instructions during
the handshake through specially-crafted data.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | guacamole-client | < any | UNKNOWN |
ubuntu | 16.04 | noarch | guacamole-client | < any | UNKNOWN |