FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). In versions before 2.7.0, NT LAN Manager (NTLM) authentication does not properly abort when someone provides and empty password value. This issue affects FreeRDP based RDP Server implementations. RDP clients are not affected. The vulnerability is patched in FreeRDP 2.7.0. There are currently no known workarounds.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
freerdp freerdp |
||
fedoraproject fedora 34 |
||
fedoraproject extra packages for enterprise linux 8.0 |
||
fedoraproject fedora 35 |
||
fedoraproject fedora 36 |