CVE-2024-38099

Improper Authentication (CWE-287)

Published: Jul 9, 2024

CVSS: 5.9 | EPSS: 0.05% | Severity: Medium

Summary

Windows Remote Desktop Licensing Service is vulnerable to a denial of service attack. This vulnerability is related to improper authentication and input validation in the service. The attack vector is network-based and does not require user interaction, though it has high attack complexity. The vulnerability affects the availability of the system but does not impact confidentiality or integrity.

Impact

An attacker could exploit this vulnerability to cause a denial of service, disrupting the availability of the Windows Remote Desktop Licensing Service. This could lead to service interruptions for users relying on Remote Desktop services. The attack is network-based and does not require user interaction, which increases its potential impact, though the high attack complexity may limit its exploitation.

Exploitation

There is no evidence that a public proof-of-concept exists, and no evidence of exploitation at the moment.

Patch

A patch is available. Microsoft released an update to address this vulnerability on July 9, 2024. The patch is available for affected versions of Windows Server, including Windows Server 2008, 2012, 2016, 2019, and 2022.

Mitigation

1. Apply the security update provided by Microsoft as soon as possible.
2. Implement network segmentation and access controls to limit exposure of the Remote Desktop Licensing Service.
3. Monitor for suspicious network activity targeting the Remote Desktop Licensing Service.
4. Ensure that proper authentication mechanisms are in place for all remote desktop services.
5. Regularly update and patch Windows Server systems, particularly those running Remote Desktop services.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Timeline

Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Qualys (92149)

Jul 9, 2024 at 7:53 AM
CVSS

A CVSS base score of 5.9 has been assigned.

Jul 9, 2024 at 5:05 PM / microsoft
CVE Assignment

NVD published the first details for CVE-2024-38099

Jul 9, 2024 at 5:15 PM
First Article

Feedly found the first article mentioning CVE-2024-38099.

Jul 9, 2024 at 5:17 PM / Vulners.com RSS Feed
CVSS Estimate

Feedly estimated the CVSS score as MEDIUM

Jul 9, 2024 at 5:36 PM
Trending

This CVE started to trend in security discussions

Jul 9, 2024 at 8:00 PM
EPSS

EPSS Score was set to: 0.05% (Percentile: 17.2%)

Jul 10, 2024 at 10:14 AM
Trending

This CVE stopped trending in security discussions

Jul 11, 2024 at 6:55 AM
Threat Intelligence Report

CVE-2024-38099 is a vulnerability in the Windows Remote Desktop Licensing Service, with a CVSS score of 5.9, indicating a moderate level of criticality. The provided information does not specify whether the vulnerability is being actively exploited in the wild, nor does it mention the availability of proof-of-concept exploits, mitigations, detections, patches, or any downstream impacts on third-party vendors or technology. Further investigation would be necessary to assess the full scope and implications of this vulnerability.

Oct 27, 2024 at 2:07 AM

Affected Systems

Microsoft/windows_server_2008

Patches

Microsoft

Links to Mitre Att&cks

T1548: Abuse Elevation Control Mechanism

Attack Patterns

CAPEC-114: Authentication Abuse

News

Windows Remote Desktop Licensing Service Denial of Service Vulnerability
Patch Tuesday July 2024: Two Active Exploitations and Exchange Data Breach Notifications
The two Actively Exploited zero-days— CVE-2024-38080 Windows Hyper-V Elevation of Privilege Vulnerability and CVE-2024-38112 Windows MSHTML Platform Spoofing Vulnerability—should be trivial to deal with as they can both be addressed by applying either CUs or Security Updates for affected systems. The other two zero-days that are not currently under exploitation are CVE-2024-35264 .NET and Visual Studio Remote Code Execution and CVE-2024-37985 which affects Windows 11 ARM based systems.
July 2024 Patch Tuesday Fixes 139 CVEs, Actively Exploited Zero-Days; CISA Highlights Citrix Updates
The July 2024 Patch Tuesday addressed three zero-day vulnerabilities; one of these flaws was publicly disclosed before the patch was available, and two are actively exploited in real-world attacks. Threat actors have potentially exploited the zero-day vulnerability CVE-2024-38112 for over 18 months before its disclosure in Patch Tuesday.

CVSS V3.1

Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability Impact: High
