Home / Early Warning / Vulnerabilidades / CVE-2020-13396

CVE-2020-13396

Type: 
Out-of-bounds Read
Severity: 
Medium
Publication date: 
05/22/2020
Last modified: 
06/01/2020
Description
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c.
Impact
Access Vector: Through network
Access Complexity: Low
Authentication: Requires a single instance to exploit
Impact Type: No impact on system integrity + Partially affects on system confidentiality + Partially affects on system availability
Vulnerable software and versions
  • cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*
To consult the complete list of products and versions see this page
Explanation of fields