First published: Tue Apr 11 2023(Updated: )
Remote Desktop Protocol Client Information Disclosure Vulnerability
Credit: secure@microsoft.com secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows 10 | =20H2 | |
Microsoft Remote Desktop Windows | <1.2.4157.0 | |
Microsoft Windows 10 1507 | <10.0.10240.19869 | |
Microsoft Windows 10 1607 | <10.0.14393.5850 | |
Microsoft Windows 10 1809 | <10.0.17763.4252 | |
Microsoft Windows 10 20h2 | <10.0.19042.2846 | |
Microsoft Windows 10 21h2 | <10.0.19044.2846 | |
Microsoft Windows 10 22h2 | <10.0.19045.2846 | |
Microsoft Windows 11 21h2 | <10.0.22000.1817 | |
Microsoft Windows 11 22h2 | <10.0.22621.1555 | |
Microsoft Windows Server 2008 | =sp2 | |
Microsoft Windows Server 2012 | ||
Microsoft Windows Server 2012 | =r2 | |
Microsoft Windows Server 2016 | ||
Microsoft Windows Server 2019 | ||
Microsoft Windows Server 2022 | ||
=1607 | ||
=1607 | ||
=22H2 | ||
=22H2 | ||
=22H2 | ||
=22H2 | ||
=22H2 | ||
=21H2 | ||
=21H2 | ||
=21H2 | ||
=21H2 | ||
=20H2 | ||
=20H2 | ||
=21H2 | ||
=1809 | ||
=1809 | ||
=1809 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for Remote Desktop Protocol Client Information Disclosure Vulnerability is CVE-2023-28267.
The severity of CVE-2023-28267 is high with a CVSS score of 6.5.
The following software versions are affected by CVE-2023-28267: Windows 10 (x86 and x86_64), Windows Server 2012, Windows 11 (arm64 and x86_64), Windows Server 2012 R2, Windows Server 2008 R2 (x86_64 and Server Core Installation), Windows Server 2016 (Server Core Installation), Windows 10 (version 1607 and 22H2, x86 and x86_64), Windows Server 2016, Windows 10 (version 22H2, arm64), Windows Server 2008 R2 (x86_64, sp1, Server Core Installation), Windows 10 (version 21H2, x86), Windows 10 (version 21H2, x86_64), Windows 11 (version 22H2, x86_64), Windows Server 2012 (Server Core Installation), Windows 10 (version 22H2, arm64), Windows Server 2022 (Server Core Installation), Windows 10 (version 1809, x86 and x86_64), Windows 11 (version 21H2, arm64 and x86_64), Windows Server 2019 (Server Core Installation), Windows 10 (version 20H2, x86), Windows 11 (version 21H2, x86_64), and Windows 10 (version 20H2, x86_64).
The remedy for CVE-2023-28267 on Windows 10 is to install the appropriate patch. Please refer to the Microsoft support page for more information and to download the patch.
The remedy for CVE-2023-28267 on Windows Server 2012 is to install the appropriate patch. Please refer to the Microsoft support page for more information and to download the patch.