The summary by CVE is:Īn information disclosure vulnerability exists in the Remote Desktop Connection Manager (RDCMan) application when it improperly parses XML input containing a reference to an external entity, aka 'Remote Desktop Connection Manager Information Disclosure Vulnerability'. The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. Using CWE to declare the problem leads to CWE-200. The manipulation with an unknown input leads to a information disclosure vulnerability. A high score indicates an elevated risk to be targeted for this vulnerability.Ī vulnerability, which was classified as problematic, has been found in Microsoft Remote Desktop Connection Manager 2.7. The CTI Interest Score identifies the interest of attackers and the security community for this specific vulnerability in real-time. Our Cyber Threat Intelligence team is monitoring different web sites, mailing lists, exploit markets and social media networks.
0 kommentar(er)
