CVE-2020-9497

LOW

Description

Apache Guacamole 1.1.0 and older do not properly validate datareceived from RDP servers via static virtual channels. If a userconnects to a malicious or compromised RDP server, specially-craftedPDUs could result in disclosure of information within the memory ofthe guacd process handling the connection.

References

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44525

https://lists.apache.org/thread.html/[email protected]%3Cuser.guacamole.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cannounce.apache.org%3E

https://lists.apache.org/thread.html/r65f75d3d65d1af68141f42071ebb27dda24af3e45570e593c1dbd81f%40%3Cannounce.guacamole.apache.org%3E

https://lists.debian.org/debian-lts-announce/2020/11/msg00010.html

https://lists.fedoraproject.org/archives/list/[email protected]/message/TVV5K2X4EXSAVUUL7IJ3MUJ3ADWMVSBM/

https://lists.fedoraproject.org/archives/list/[email protected]/message/WNS7UHBOFV6JHWH5XOEZTE3BREGRSSQ3/

https://research.checkpoint.com/2020/apache-guacamole-rce/

Details

Source: MITRE

Published: 2020-07-02

Updated: 2021-01-04

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 1.2

Vector: AV:L/AC:H/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 1.9

Severity: LOW

CVSS v3.0

Base Score: 4.4

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 0.8

Severity: MEDIUM

Tenable Plugins

View all (3 total)

ID	Name	Product	Family	Severity
144701	Fedora 33 : guacamole-server (2020-640645e518)	Nessus	Fedora Local Security Checks	medium
144652	Fedora 32 : guacamole-server (2020-bfde0ab889)	Nessus	Fedora Local Security Checks	medium
142632	Debian DLA-2435-1 : guacamole-server security update	Nessus	Debian Local Security Checks	medium