CVE-2022-26940

CWE-668Exposure to Wrong Sphere4 documents4 sources
Severity
6.5MEDIUM
EPSS
16.4%
top 5.14%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Microsoft Remote Desktop Client FOR Windows DesktopMicrosoft Windows 11 Version 21h2Microsoft Windows Server 2022
Timeline
PublishedMay 10
Latest updateMay 11

Description

Remote Desktop Protocol Client Information Disclosure Vulnerability

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages3 packages

CVEListV5microsoft/windows_server_202210.0.20348.010.0.20348.707
CVEListV5microsoft/windows_11_version_21h210.0.010.0.22000.675

Patches

Patch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-r3g9-4c8x-fwv7: Remote Desktop Protocol Client Information Disclosure Vulnerability2022-05-11
CVEList
Remote Desktop Protocol Client Information Disclosure Vulnerability2022-05-10

📋Vendor Advisories

1
Microsoft
Remote Desktop Protocol Client Information Disclosure Vulnerability2022-05-10