RDPData.dll Exposes Session IDs and Allows Impersonation of Logged-In Users

RDPData.dll Exposes Session IDs and Allows Impersonation of Logged-In Users

CVE-2023-39423 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

The RDPData.dll file exposes the /irmdata/api/common endpoint that handles session IDs,  among other features. By using a UNION SQL operator, an attacker can leak the sessions table, obtain the currently valid sessions and impersonate a currently logged-in user.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.