RDPData.dll Exposes Session IDs and Allows Impersonation of Logged-In Users
CVE-2023-39423 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
The RDPData.dll file exposes the /irmdata/api/common endpoint that handles session IDs, among other features. By using a UNION SQL operator, an attacker can leak the sessions table, obtain the currently valid sessions and impersonate a currently logged-in user.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.