This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
The remote host is affected by an information disclosure
The remote Windows host is missing a security update. It is,
therefore, affected by an information disclosure vulnerability due to
a failure to correctly tie the session of the mounting user to the USB
disk being mounted. This issue occurs when the USB disk is mounted
over the Remote Desktop Protocol (RDP) via RemoteFX. An attacker can
exploit this to access the file and directory information on the
mounted USB disk.
See also :
Microsoft has released a set of patches for Windows 2012, 8.1, RT 8.1,
and 2012 R2.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 3.7
Public Exploit Available : false