Information disclosure vulnerability in Microsoft Windows when a USB disk mounted over Remote Desktop Protocol (RDP)ID: oval:org.secpod.oval:def:34306 | Date: (C)2016-05-11 (M)2021-06-02 |
Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft Windows Server 2012, Windows 8.1 or Server 2012 R2 and is prone to an information disclosure vulnerability. A flaw is present in the Microsoft RemoteFX, which is not correctly tied to the session of the mounting user. An attacker who successfully exploited this vulnerability could obtain access to file and directory information on the mounting users USB disk.
Platform: |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |