Описание
The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 20, 2020 (v15 and earlier for Cloud Access Connector) contains a local file inclusion vulnerability which allows an unauthenticated remote attacker to leak LDAP credentials via a specially crafted HTTP request.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 15 (включая)Версия до 2020-04-20 (исключая)
Одно из
cpe:2.3:a:teradici:cloud_access_connector:*:*:*:*:*:*:*:*
cpe:2.3:a:teradici:cloud_access_connector_legacy:*:*:*:*:*:*:*:*
EPSS
Процентиль: 52%
0.00296
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-98
CWE-829
Связанные уязвимости
github
больше 3 лет назад
The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 20, 2020 (v15 and earlier for Cloud Access Connector) contains a local file inclusion vulnerability which allows an unauthenticated remote attacker to leak LDAP credentials via a specially crafted HTTP request.
EPSS
Процентиль: 52%
0.00296
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-98
CWE-829