CVE-2023-40184

{"id": "CVE-2023-40184", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.6, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 1.2}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2023-08-30T18:15:09.690", "references": [{"url": "https://github.com/neutrinolabs/xrdp/blame/9bbb2ec68f390504c32f2062847aa3d821a0089a/sesman/sesexec/session.c#L571C5-L571C19", "tags": ["Product"], "source": "[email protected]"}, {"url": "https://github.com/neutrinolabs/xrdp/commit/a111a0fdfe2421ef600e40708b5f0168594cfb23", "tags": ["Patch"], "source": "[email protected]"}, {"url": "https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-f489-557v-47jq", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/SOT237TIHTHPX5YNIWLVNINOEYC7WMG2/", "tags": ["Mailing List"], "source": "[email protected]"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/U5IXMQODV3OIJ7DRQBUQV7PUKNT7SH36/", "tags": ["Mailing List"], "source": "[email protected]"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/URO3FKTFBPNKFARAQBEJLI4MH6YS35P5/", "tags": ["Mailing List"], "source": "[email protected]"}, {"url": "https://github.com/neutrinolabs/xrdp/blame/9bbb2ec68f390504c32f2062847aa3d821a0089a/sesman/sesexec/session.c#L571C5-L571C19", "tags": ["Product"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/neutrinolabs/xrdp/commit/a111a0fdfe2421ef600e40708b5f0168594cfb23", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-f489-557v-47jq", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00018.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/SOT237TIHTHPX5YNIWLVNINOEYC7WMG2/", "tags": ["Mailing List"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/U5IXMQODV3OIJ7DRQBUQV7PUKNT7SH36/", "tags": ["Mailing List"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/URO3FKTFBPNKFARAQBEJLI4MH6YS35P5/", "tags": ["Mailing List"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-755"}]}, {"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "xrdp is an open source remote desktop protocol (RDP) server. In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The `auth_start_session` function can return non-zero (1) value on, e.g., PAM error which may result in in session restrictions such as max concurrent sessions per user by PAM (ex ./etc/security/limits.conf) to be bypassed. Users (administrators) don't use restrictions by PAM are not affected. This issue has been addressed in release version 0.9.23. Users are advised to upgrade. There are no known workarounds for this issue."}, {"lang": "es", "value": "xrdp es un servidor de protocolo de escritorio remoto (RDP) de c\u00f3digo abierto. En versiones anteriores a la 0.9.23, el manejo inadecuado de los errores de establecimiento de sesi\u00f3n permite eludir las restricciones de sesi\u00f3n a nivel del sistema operativo. La funci\u00f3n `auth_start_session` puede devolver un valor distinto de cero (1), por ejemplo, en un error de PAM, lo que puede dar lugar a restricciones de sesi\u00f3n, como el n\u00famero m\u00e1ximo de sesiones simult\u00e1neas por usuario por parte de PAM (por ejemplo, ./etc/security/limits.conf) para ser omitido. Los usuarios (administradores) que no utilizan restricciones por PAM no se ven afectados. Este problema se solucion\u00f3 en la versi\u00f3n 0.9.23. Se recomienda a los usuarios que actualicen. No se conocen workarounds para este problema."}], "lastModified": "2025-11-03T20:16:01.940", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:neutrinolabs:xrdp:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5F0C8DA-06A5-477C-A303-6715A9D01C6E", "versionEndExcluding": "0.9.23"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}