CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
49.9%
libxrdp.so is vulnerable to Improper Handling Of Exceptional Conditions. The vulnerability is caused by not handling session establishment exceptions appropriately in the auth_start_session
function in the sesman/libsesman/verify_user_pam.c
file. An attacker can bypass OS-level session restrictions by exploiting this vulnerability, bypassing max concurrent sessions per user if if PAM restrictions are configured.
github.com/neutrinolabs/xrdp/blame/9bbb2ec68f390504c32f2062847aa3d821a0089a/sesman/sesexec/session.c#L571C5-L571C19
github.com/neutrinolabs/xrdp/commit/a111a0fdfe2421ef600e40708b5f0168594cfb23
github.com/neutrinolabs/xrdp/security/advisories/GHSA-f489-557v-47jq
lists.fedoraproject.org/archives/list/[email protected]/message/SOT237TIHTHPX5YNIWLVNINOEYC7WMG2/
lists.fedoraproject.org/archives/list/[email protected]/message/U5IXMQODV3OIJ7DRQBUQV7PUKNT7SH36/
lists.fedoraproject.org/archives/list/[email protected]/message/URO3FKTFBPNKFARAQBEJLI4MH6YS35P5/