← volver
CVE-2019-1225

Remote Desktop Protocol Server Information Disclosure Vulnerability

CVSS 7.5 HIGHEPSS 9.5%
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 7.5EPSS 9.5%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
14 ago 2019Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system. To exploit this vulnerability, an attacker would have to connect remotely to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how the Windows RDP server initializes memory.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C