RDCMan XML External Entity (XXE) Information Disclosure Vulnerability

RDCMan XML External Entity (XXE) Information Disclosure Vulnerability

CVE-2020-0765 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

An information disclosure vulnerability exists in the Remote Desktop Connection Manager (RDCMan) application when it improperly parses XML input containing a reference to an external entity, aka 'Remote Desktop Connection Manager Information Disclosure Vulnerability'.

Learn more about our Cis Benchmark Audit For Desktop Software.