Vulnerabilities > CVE-2020-0765 - Unspecified vulnerability in Microsoft Remote Desktop Connection Manager 2.7

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

microsoft

NVD

Published: 2020-03-12

Updated: 2021-07-21

Summary

An information disclosure vulnerability exists in the Remote Desktop Connection Manager (RDCMan) application when it improperly parses XML input containing a reference to an external entity, aka 'Remote Desktop Connection Manager Information Disclosure Vulnerability'.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Remote Desktop Connection Manager - Microsoft Remote Desktop Connection Manager 2.7	2

The Hacker News

id	THN:3D9F7E987C17A81C15F0745D108233C7
last seen	2020-03-11
modified	2020-03-11
published	2020-03-11
reporter	The Hacker News
source	https://thehackernews.com/2020/03/microsoft-patch-tuesday-march-2020.html
title	Microsoft Issues March 2020 Updates to Patch 115 Security Flaws

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0765