CVE-2021-38665: Remote Desktop Protocol Client Information Disclosure Vulnerability
First published: Wed Nov 10 2021(Updated: )
Remote Desktop Protocol Client Information Disclosure Vulnerability
Credit: secure@microsoft.com secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Remote Desktop Windows | >=1.2.1672<1.2.2677 | |
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | =20h2 | |
| Microsoft Windows 10 | =21h1 | |
| Microsoft Windows 10 | =1607 | |
| Microsoft Windows 10 | =1809 | |
| Microsoft Windows 10 | =1909 | |
| Microsoft Windows 10 | =2004 | |
| Microsoft Windows 11 | ||
| Microsoft Windows 11 | ||
| Microsoft Windows 7 | =sp1 | |
| Microsoft Windows 8.1 | ||
| Microsoft Windows RT 8.1 | ||
| Microsoft Windows Server 2008 | =r2-sp1 | |
| Microsoft Windows Server 2012 | ||
| Microsoft Windows Server 2012 | =r2 | |
| Microsoft Windows Server 2016 | ||
| Microsoft Windows Server 2019 | ||
| Microsoft Windows Server 2022 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-38665?
CVE-2021-38665 is a vulnerability that allows an attacker to disclose sensitive information through the Remote Desktop Protocol (RDP) client.
What software is affected by CVE-2021-38665?
Microsoft Remote Desktop client for Windows Desktop, Microsoft Windows 10 (all versions), Microsoft Windows 11 (arm64 and x64), Microsoft Windows 7 (with Service Pack 1), Microsoft Windows 8.1, Microsoft Windows RT 8.1, Microsoft Windows Server 2008 (with Service Pack 1), Microsoft Windows Server 2012, Microsoft Windows Server 2016, Microsoft Windows Server 2019, and Microsoft Windows Server 2022 are affected by CVE-2021-38665.
What is the severity of CVE-2021-38665?
CVE-2021-38665 has a severity rating of 6.5, which is considered medium.
How can I fix CVE-2021-38665?
To fix CVE-2021-38665, it is recommended to apply the security updates provided by Microsoft.
Where can I find more information about CVE-2021-38665?
You can find more information about CVE-2021-38665 on the Microsoft Security Portal.
- agent/type
- agent/first-publish-date
- agent/author
- agent/softwarecombine
- agent/remedy
- agent/title
- agent/references
- agent/severity
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/description
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/microsoft
- canonical/microsoft remote desktop windows
- version/microsoft remote desktop windows/1.2.1672
- canonical/microsoft windows 10
- version/microsoft windows 10/20h2
- version/microsoft windows 10/21h1
- version/microsoft windows 10/1607
- version/microsoft windows 10/1809
- version/microsoft windows 10/1909
- version/microsoft windows 10/2004
- canonical/microsoft windows 11
- canonical/microsoft windows 7
- version/microsoft windows 7/sp1
- canonical/microsoft windows 8.1
- canonical/microsoft windows rt 8.1
- canonical/microsoft windows server 2008
- version/microsoft windows server 2008/r2-sp1
- canonical/microsoft windows server 2012
- version/microsoft windows server 2012/r2
- canonical/microsoft windows server 2016
- canonical/microsoft windows server 2019
- canonical/microsoft windows server 2022