First published: Tue Aug 11 2020(Updated: )
The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 20, 2020 (v15 and earlier for Cloud Access Connector) contains a local file inclusion vulnerability which allows an unauthenticated remote attacker to leak LDAP credentials via a specially crafted HTTP request.
Credit: security@teradici.com
Affected Software | Affected Version | How to fix |
---|---|---|
Teradici Cloud Access Connector | <=15 | |
Teradici Cloud Access Connector Legacy | <2020-04-20 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this vulnerability is CVE-2020-13175.
The severity of CVE-2020-13175 is high with a CVSS score of 7.5.
The affected software are Teradici Cloud Access Connector versions up to 15 and Teradici Cloud Access Connector Legacy versions before April 20, 2020 (v15 and earlier for Cloud Access Connector).
This vulnerability allows an unauthenticated remote attacker to leak LDAP credentials.
Yes, the fix is available. Please refer to the advisory for further information.