{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-5148", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2024-05-20T18:16:45.718Z", "datePublished": "2024-09-02T11:03:18.235Z", "dateUpdated": "2024-09-27T18:23:21.777Z"}, "containers": {"cna": {"title": "Gnome-remote-desktop: inadequate validation of session agents using d-bus methods may expose rdp tls certificate", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A flaw was found in the gnome-remote-desktop package. The gnome-remote-desktop system daemon performs inadequate validation of session agents using D-Bus methods related to transitioning a client connection from the login screen to the user session. As a result, the system RDP TLS certificate and key can be exposed to unauthorized users. This flaw allows a malicious user on the system to take control of the RDP client connection during the login screen-to-user session transition."}], "affected": [{"versions": [{"status": "affected", "version": "46.alpha", "lessThan": "46.2", "versionType": "custom"}], "packageName": "gnome-remote-desktop", "collectionURL": "https://github.com/GNOME/gnome-remote-desktop", "defaultStatus": "unaffected"}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gnome-remote-desktop", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:8"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gnome-remote-desktop", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:9"]}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2024-5148", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282003", "name": "RHBZ#2282003", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://gitlab.gnome.org/GNOME/gnome-remote-desktop/-/issues/196"}], "datePublic": "2024-05-21T00:00:00+00:00", "problemTypes": [{"descriptions": [{"cweId": "CWE-488", "description": "Exposure of Data Element to Wrong Session", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-488: Exposure of Data Element to Wrong Session", "workarounds": [{"lang": "en", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}], "timeline": [{"lang": "en", "time": "2024-05-20T00:00:00+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2024-05-21T00:00:00+00:00", "value": "Made public."}], "credits": [{"lang": "en", "value": "Red Hat would like to thank Matthias Gerstner (SUSE) for reporting this issue."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2024-09-27T18:23:21.777Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-03T15:27:26.435046Z", "id": "CVE-2024-5148", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-03T15:27:41.071Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-5148", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-03T15:27:26.435046Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-03T15:27:36.357Z"}}], "cna": {"title": "Gnome-remote-desktop: inadequate validation of session agents using d-bus methods may expose rdp tls certificate", "credits": [{"lang": "en", "value": "Red Hat would like to thank Matthias Gerstner (SUSE) for reporting this issue."}], "metrics": [{"other": {"type": "Red Hat severity rating", "content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"versions": [{"status": "affected", "version": "46.alpha", "lessThan": "46.2", "versionType": "custom"}], "packageName": "gnome-remote-desktop", "collectionURL": "https://github.com/GNOME/gnome-remote-desktop", "defaultStatus": "unaffected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:8"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "packageName": "gnome-remote-desktop", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unaffected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:9"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "packageName": "gnome-remote-desktop", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2024-05-20T00:00:00+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2024-05-21T00:00:00+00:00", "value": "Made public."}], "datePublic": "2024-05-21T00:00:00+00:00", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2024-5148", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282003", "name": "RHBZ#2282003", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://gitlab.gnome.org/GNOME/gnome-remote-desktop/-/issues/196"}], "workarounds": [{"lang": "en", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}], "descriptions": [{"lang": "en", "value": "A flaw was found in the gnome-remote-desktop package. The gnome-remote-desktop system daemon performs inadequate validation of session agents using D-Bus methods related to transitioning a client connection from the login screen to the user session. As a result, the system RDP TLS certificate and key can be exposed to unauthorized users. This flaw allows a malicious user on the system to take control of the RDP client connection during the login screen-to-user session transition."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-488", "description": "Exposure of Data Element to Wrong Session"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2024-09-27T18:23:21.777Z"}, "x_redhatCweChain": "CWE-488: Exposure of Data Element to Wrong Session"}}, "cveMetadata": {"cveId": "CVE-2024-5148", "state": "PUBLISHED", "dateUpdated": "2024-09-27T18:23:21.777Z", "dateReserved": "2024-05-20T18:16:45.718Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2024-09-02T11:03:18.235Z", "assignerShortName": "redhat"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in the gnome-remote-desktop package. The gnome-remote-desktop system daemon performs inadequate validation of session agents using D-Bus methods related to transitioning a client connection from the login screen to the user session. As a result, the system RDP TLS certificate and key can be exposed to unauthorized users. This flaw allows a malicious user on the system to take control of the RDP client connection during the login screen-to-user session transition."}, {"lang": "es", "value": "Se encontr\u00f3 una falla en el paquete gnome-remote-desktop. El daemon del sistema gnome-remote-desktop realiza una validaci\u00f3n inadecuada de los agentes de sesi\u00f3n mediante m\u00e9todos D-Bus relacionados con la transici\u00f3n de una conexi\u00f3n de cliente desde la pantalla de inicio de sesi\u00f3n a la sesi\u00f3n de usuario. Como resultado, el certificado y la clave TLS de RDP del sistema pueden quedar expuestos a usuarios no autorizados. Esta falla permite que un usuario malintencionado del sistema tome el control de la conexi\u00f3n del cliente RDP durante la transici\u00f3n de la pantalla de inicio de sesi\u00f3n a la sesi\u00f3n de usuario."}], "id": "CVE-2024-5148", "lastModified": "2024-09-03T12:59:02.453", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2024-09-02T12:15:19.910", "references": [{"source": "secalert@redhat.com", "url": "https://access.redhat.com/security/cve/CVE-2024-5148"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282003"}, {"source": "secalert@redhat.com", "url": "https://gitlab.gnome.org/GNOME/gnome-remote-desktop/-/issues/196"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-488"}], "source": "secalert@redhat.com", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Matthias Gerstner (SUSE) for reporting this issue.", "bugzilla": {"description": "gnome-remote-desktop: inadequate validation of session agents using D-Bus methods may expose RDP TLS certificate", "id": "2282003", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282003"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "status": "draft"}, "cwe": "CWE-488", "details": ["A flaw was found in the gnome-remote-desktop package. The gnome-remote-desktop system daemon performs inadequate validation of session agents using D-Bus methods related to transitioning a client connection from the login screen to the user session. As a result, the system RDP TLS certificate and key can be exposed to unauthorized users. This flaw allows a malicious user on the system to take control of the RDP client connection during the login screen-to-user session transition.", "A flaw was found in the gnome-remote-desktop package. The gnome-remote-desktop system daemon performs inadequate validation of session agents using D-Bus methods related to transitioning a client connection from the login screen to the user session. As a result, the system RDP TLS certificate and key can be exposed to unauthorized users. This flaw allows a malicious user on the system to take control of the RDP client connection during the login screen-to-user session transition."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-5148", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "gnome-remote-desktop", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "gnome-remote-desktop", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-5148\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-5148\nhttps://gitlab.gnome.org/GNOME/gnome-remote-desktop/-/issues/196"], "statement": "The severity of this issue is considered moderate rather than important because exploitation requires local access to the system by a malicious user. This limits the attack surface primarily to environments with multiple users sharing the same system. Additionally, the attack vector involves a specific transition phase (from the login screen to the user session) and relies on inadequate validation of session agents using D-Bus methods, which, while significant, does not directly compromise the system's overall security infrastructure. As such, the potential for exploitation is constrained by the necessity for local access and the specific conditions required to exploit the flaw, thereby mitigating its overall impact compared to vulnerabilities that can be exploited remotely or without user interaction.", "threat_severity": "Moderate", "upstream_fix": "gnome-remote-desktop 46.2"}