Home

CVE-2014-0296

Description

The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly encrypt sessions, which makes it easier for man-in-the-middle attackers to obtain sensitive information by sniffing the network or modify session content by sending crafted RDP packets, aka RDP MAC Vulnerability.

Risk Information

Base Score
7.5
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
29.869

Associated Vulnerability

VulnerabilityOS Platform
Security Update for Windows 7 (KB2965788) x86 based systemsWindows
Security Update for Windows 8 (KB2965788)Windows
Security Update for Windows 8.1 (KB2965788)Windows
Security Update for Windows 7 for x64-based Systems (KB2965788)Windows
Security Update for Windows 8 for x64-based Systems (KB2965788)Windows
Security Update for Windows Server 2012 (KB2965788)Windows
Security Update for Windows 8.1 for x64-based Systems (KB2965788)Windows
Security Update for Windows Server 2012 R2 (KB2965788)Windows
Security Update for Windows 7 (KB2965788) x86 based systems for SP1Windows
Security Update for Windows 7 for x64-based Systems (KB2965788) for SP1Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-15622Security Update for Windows 7 (KB2965788)
PATCH-15623Security Update for Windows 8 (KB2965788)
PATCH-15624Security Update for Windows 8.1 (KB2965788)
PATCH-15625Security Update for Windows 7 for x64-based Systems (KB2965788)
PATCH-15626Security Update for Windows 8 for x64-based Systems (KB2965788)
PATCH-15627Security Update for Windows Server 2012 (KB2965788)
PATCH-15628Security Update for Windows 8.1 for x64-based Systems (KB2965788)
PATCH-15629Security Update for Windows Server 2012 R2 (KB2965788)
PATCH-15630Security Update for Windows 7 (KB2965788)
PATCH-15631Security Update for Windows 7 for x64-based Systems (KB2965788)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234