CVE-2020-13186: CSRF
First published: Thu Feb 11 2021(Updated: )
An Anti CSRF mechanism was discovered missing in the Teradici Cloud Access Connector v31 and earlier in a specific web form, which allowed an attacker with knowledge of both a machineID and user GUID to modify data if a user clicked a malicious link.
Credit: security@teradici.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Teradici Cloud Access Connector | <=31 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2020-13186.
What is the severity level of CVE-2020-13186?
The severity level of CVE-2020-13186 is medium.
What is the affected software for CVE-2020-13186?
The affected software for CVE-2020-13186 is Teradici Cloud Access Connector v31 and earlier.
How does CVE-2020-13186 impact the Teradici Cloud Access Connector?
CVE-2020-13186 allows an attacker with knowledge of both a machineID and user GUID to modify data if a user clicks a malicious link in the specific web form.
Is there a fix available for CVE-2020-13186?
Yes, please refer to the Teradici security advisory for more information on available fixes.
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/type
- agent/event
- agent/author
- agent/references
- agent/tags
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/teradici
- canonical/teradici cloud access connector
- version/teradici cloud access connector/31