CVE-2020-13185

Certain web application pages in the authenticated section of the Teradici Cloud Access Connector prior to v18 were accessible without the need to specify authentication tokens, which allowed an attacker in the ability to execute sensitive functions without credentials.
References
Link Resource
https://advisory.teradici.com/security-advisories/69/ Release Notes Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:teradici:cloud_access_connector:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-02-11 18:15

Updated : 2024-02-04 21:23


NVD link : CVE-2020-13185

Mitre link : CVE-2020-13185

CVE.ORG link : CVE-2020-13185


JSON object : View

Products Affected

teradici

  • cloud_access_connector
CWE
CWE-287

Improper Authentication

CWE-288

Authentication Bypass Using an Alternate Path or Channel