exploitDog

CVE-2020-10965

Опубликовано: 25 мар. 2020

Источник: nvd

CVSS3: 8.1

CVSS2: 6.8

EPSS Низкий

Описание

Teradici PCoIP Management Console 20.01.0 and 19.11.1 is vulnerable to unauthenticated password resets via login/resetadminpassword of the default admin account. This vulnerability only exists when the default admin account is not disabled. It is fixed in 20.01.1 and 19.11.2.

Ссылки

https://healdb.tech/blog.html
Exploit
Vendor Advisory
https://help.teradici.com/s/article/3729
Patch
Vendor Advisory
https://healdb.tech/blog.html
Exploit
Vendor Advisory
https://help.teradici.com/s/article/3729
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:teradici:pcoip_management_console:19.11.1:*:*:*:*:*:*:*

cpe:2.3:a:teradici:pcoip_management_console:20.01.0:*:*:*:*:*:*:*

EPSS

Процентиль: 82%

0.01656

Низкий

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-287

Связанные уязвимости

GHSA-4gcx-6fpv-7pw9

github

больше 3 лет назад

Teradici PCoIP Management Console 20.01.0 and 19.11.1 is vulnerable to unauthenticated password resets via login/resetadminpassword of the default admin account. This vulnerability only exists when the default admin account is not disabled. It is fixed in 20.01.1 and 19.11.2.

EPSS

Процентиль: 82%

0.01656

Низкий

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-287