Опубликовано: 15 янв. 2025
Источник: github
Github: Не прошло ревью
CVSS4: 7.7
CVSS3: 7.5
Описание
An issue in the native clients for Amazon WorkSpaces Clients when running PCoIP protocol may allow an attacker to access remote sessions via man-in-the-middle.
An issue in the native clients for Amazon WorkSpaces Clients when running PCoIP protocol may allow an attacker to access remote sessions via man-in-the-middle.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-0501
- https://aws.amazon.com/security/security-bulletins/AWS-2025-001
- https://docs.aws.amazon.com/workspaces/latest/userguide/amazon-workspaces-android-client.html#android-release-notes
- https://docs.aws.amazon.com/workspaces/latest/userguide/amazon-workspaces-linux-client.html#linux-release-notes
- https://docs.aws.amazon.com/workspaces/latest/userguide/amazon-workspaces-osx-client.html#osx-release-notes
- https://docs.aws.amazon.com/workspaces/latest/userguide/amazon-workspaces-windows-client.html#windows-release-notes
Связанные уязвимости
CVSS3: 7.5
nvd
около 1 года назад
An issue in the native clients for Amazon WorkSpaces (when running PCoIP protocol) may allow an attacker to access remote sessions via man-in-the-middle.