Severity: moderate
Base CVSS Score: 6.8 (AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N)
Affected versions:
- Apache Guacamole 0.9.10 through 1.5.1
Description:
Apache Guacamole 0.9.10 through 1.5.1 may continue to reference an RDP audio
input buffer after that buffer has been freed (a use-after-free in guacd).
Depending on timing, this may allow an attacker to execute arbitrary code with
the privileges of the guacd process.
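The description above names the bug class (a reference to a buffer that is still
used after it has been freed) without giving the affected code. The following is
an added C illustration of that class and of the usual fix, written for this
page; it is not guacd's or FreeRDP's code, and the audio_buffer/audio_stream
types, the function names and the sample bytes are hypothetical. The vulnerable
function is shown for contrast only and is never called, since calling it would
itself be undefined behaviour.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical audio input buffer and the stream that owns it. These are
 * illustrative types, not guacd's or FreeRDP's structures. */
typedef struct {
    unsigned char *data;
    size_t capacity;
    size_t used;
} audio_buffer;

typedef struct {
    audio_buffer *buf;   /* dangles if the buffer is freed without clearing this */
} audio_stream;

audio_buffer *audio_buffer_alloc(size_t capacity) {
    audio_buffer *b = calloc(1, sizeof *b);
    if (b == NULL)
        return NULL;
    b->data = calloc(capacity, 1);
    if (b->data == NULL) {
        free(b);
        return NULL;
    }
    b->capacity = capacity;
    return b;
}

void audio_buffer_free(audio_buffer *b) {
    if (b == NULL)
        return;
    free(b->data);
    free(b);
}

/* Bug pattern: the buffer is released when the stream ends, but the stream
 * keeps the old pointer. Any later write through stream->buf is a
 * use-after-free; whether it corrupts heap metadata or whatever object now
 * occupies that memory depends on allocator state and timing. Never called here. */
void stream_end_vulnerable(audio_stream *s) {
    audio_buffer_free(s->buf);
    /* s->buf still holds the freed address */
}

/* Hardened: release and invalidate the reference in the same step, so every
 * later user sees NULL and can refuse the write. */
void stream_end_fixed(audio_stream *s) {
    audio_buffer_free(s->buf);
    s->buf = NULL;
}

/* Append PCM samples to the stream's buffer. Returns the number of bytes
 * written, or -1 if the stream no longer has a live buffer. */
int stream_write(audio_stream *s, const unsigned char *samples, size_t n) {
    if (s->buf == NULL)
        return -1;                      /* buffer already released: reject */
    size_t room = s->buf->capacity - s->buf->used;
    if (n > room)
        n = room;                       /* bounds check: never overrun the buffer */
    memcpy(s->buf->data + s->buf->used, samples, n);
    s->buf->used += n;
    return (int)n;
}

/* Drive the hardened path: write, end the stream, attempt a late write.
 * Returns 1 if the late write was rejected instead of touching freed memory. */
int demo_fixed_path(void) {
    audio_stream s = { audio_buffer_alloc(64) };
    if (s.buf == NULL)
        return 0;
    unsigned char pcm[16] = { 0x01, 0x02, 0x03, 0x04 };  /* constructed sample data */

    int first = stream_write(&s, pcm, sizeof pcm);   /* 16 bytes accepted */
    stream_end_fixed(&s);                            /* buffer freed, s.buf = NULL */
    int late = stream_write(&s, pcm, sizeof pcm);    /* -1: refused, no use-after-free */

    return first == (int)sizeof pcm && late == -1;
}

/* Oversized writes are truncated to the remaining capacity. Returns bytes written. */
int demo_bounded_write(void) {
    audio_stream s = { audio_buffer_alloc(64) };
    if (s.buf == NULL)
        return -1;
    unsigned char pcm[100];
    memset(pcm, 0xAA, sizeof pcm);                   /* constructed sample data */
    int written = stream_write(&s, pcm, sizeof pcm); /* 64 */
    stream_end_fixed(&s);
    return written;
}

int main(void) {
    printf("late write rejected after free: %s\n", demo_fixed_path() ? "yes" : "no");
    printf("bytes accepted into 64-byte buffer: %d\n", demo_bounded_write());
    return 0;
}
```

The point of the fixed variant is that freeing and clearing the owner's pointer
happen together; a separate NULL check in the writer is only useful if no code
path can leave a stale address behind. Running the vulnerable variant under
AddressSanitizer (or valgrind) is the quickest way to surface this class of bug
in real code, since a plain run may succeed or crash depending on timing.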
Mitigation:
Users of Apache Guacamole 1.5.1 and older should upgrade to the 1.5.2 release.
Credit:
We would like to thank Stefan Schiller (Sonar) for reporting this issue.
References:
https://guacamole.apache.org/
https://www.cve.org/CVERecord?id=CVE-2023-30576
Timeline:
2023-04-11: Reported to secur...@guacamole.apache.org
2023-04-11: Report acknowledged by project
2023-04-12: Report confirmed by project
2023-05-09: Fix completed and merged
2023-05-09: Fix tested and confirmed by reporter
2023-05-25: Fix released