CVE-2022-1736

Ubuntu's configuration of gnome-control-center allowed Remote Desktop Sharing to be enabled by default.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
canonicalCNA
---
---
CISA-ADPADP
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 63%
VendorProductVersion
gnomegnome-remote-desktop
42.1.1
gnomegnome-remote-desktop
42.1.1-1
gnomegnome-remote-desktop
42.1.1-2
canonicalubuntu_linux
18.04
canonicalubuntu_linux
20.04
canonicalubuntu_linux
22.04
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
gnome-remote-desktop
bullseye
unimportant
bookworm
43.3-1
fixed
sid
47.0-3
fixed
trixie
47.0-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
gnome-control-center
jammy
Fixed 1:41.4-1ubuntu13.2
released
impish
not-affected
focal
not-affected
bionic
not-affected
References
https://bugs.launchpad.net/ubuntu/+source/gnome-remote-desktop/+bug/1973028
https://ubuntu.com/security/CVE-2022-1736
https://ubuntu.com/security/notices/USN-5430-1