Oval Definition:oval:org.opensuse.security:def:202224882
Revision Date:2022-09-01Version:1
Title:CVE-2022-24882
Description:

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). In versions prior to 2.7.0, NT LAN Manager (NTLM) authentication does not properly abort when someone provides and empty password value. This issue affects FreeRDP based RDP Server implementations. RDP clients are not affected. The vulnerability is patched in FreeRDP 2.7.0. There are currently no known workarounds.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2022-24882
SUSE CVE-2022-24882
SUSE-SU-2022:2352-1
SUSE-SU-2022:2353-1
SUSE-SU-2022:2354-1
Platform(s):SUSE Linux Enterprise Desktop 12 SP5
SUSE Linux Enterprise Desktop 15 SP3
SUSE Linux Enterprise Desktop 15 SP4
SUSE Linux Enterprise Module for Package Hub 15 SP4
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server 15 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP4
SUSE Linux Enterprise Software Development Kit 12 SP5
SUSE Linux Enterprise Workstation Extension 12 SP5
SUSE Linux Enterprise Workstation Extension 15 SP3
SUSE Linux Enterprise Workstation Extension 15 SP4
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Workstation Extension 15 SP3 is installed
  • AND Package Information
  • freerdp is affected
  • OR freerdp-devel is affected
  • OR freerdp-proxy is affected
  • OR libfreerdp2 is affected
  • OR libwinpr2 is affected
  • OR winpr2-devel is affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Module for Package Hub 15 SP4 is installed
  • AND
  • freerdp-2.4.0-150400.3.3.1 is installed
  • OR freerdp-devel-2.4.0-150400.3.3.1 is installed
  • OR freerdp-proxy-2.4.0-150400.3.3.1 is installed
  • OR libfreerdp2-2.4.0-150400.3.3.1 is installed
  • OR libwinpr2-2.4.0-150400.3.3.1 is installed
  • OR winpr2-devel-2.4.0-150400.3.3.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Desktop 15 SP4 is installed
  • OR SUSE Linux Enterprise Server 15 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed
  • OR SUSE Linux Enterprise Workstation Extension 15 SP4 is installed
  • AND
  • freerdp-2.4.0-150400.3.3.1 is installed
  • OR freerdp-devel-2.4.0-150400.3.3.1 is installed
  • OR freerdp-proxy-2.4.0-150400.3.3.1 is installed
  • OR libfreerdp2-2.4.0-150400.3.3.1 is installed
  • OR libwinpr2-2.4.0-150400.3.3.1 is installed
  • OR winpr2-devel-2.4.0-150400.3.3.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP5 is installed
  • AND
  • freerdp-devel-2.1.2-12.23.1 is installed
  • OR libfreerdp2-2.1.2-12.23.1 is installed
  • OR libwinpr2-2.1.2-12.23.1 is installed
  • OR winpr2-devel-2.1.2-12.23.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Desktop 12 SP5 is installed
  • OR SUSE Linux Enterprise Server 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • OR SUSE Linux Enterprise Workstation Extension 12 SP5 is installed
  • AND
  • freerdp-2.1.2-12.23.1 is installed
  • OR freerdp-proxy-2.1.2-12.23.1 is installed
  • OR freerdp-server-2.1.2-12.23.1 is installed
  • OR libfreerdp2-2.1.2-12.23.1 is installed
  • OR libwinpr2-2.1.2-12.23.1 is installed
    • BACK