This issue did not affect the versions of libvncserver as shipped with Red Hat Enterprise Linux 6 and 7, as they did not include support for tightvnc file transfer.
CVSS v3 metrics
NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.
|CVSS3 Base Score||7.5|
|CVSS3 Base Metrics||CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H|
Affected Packages State
|Red Hat Enterprise Linux 7||libvncserver||Not affected|
|Red Hat Enterprise Linux 6||libvncserver||Not affected|
CVE description copyright © 2017, The MITRE Corporation