MEDIUM✓ PATCH🇬🇧 English

CVE-2020-13174

CVSS 6.1v3.1pub. 2020-08-11upd. 2024-11-21

The web server in the Teradici Managament console versions 20.04 and 20.01.1 did not properly set the X-Frame-Options HTTP header, which could allow an attacker to trick a user into clicking a malicious link via clickjacking.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
  • Teradici Pcoip Management Console

    APP
    Teradici
    20.01.120.04
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2017-20121HIGH7.8ten sam produkt

A vulnerability was found in Teradici Management Console 2.2.0. It has been declared as critical. Affected by ...

CVE-2020-10965HIGH8.1ten sam produkt

Teradici PCoIP Management Console 20.01.0 and 19.11.1 is vulnerable to unauthenticated password resets via log...

CVE-2021-35451MEDIUM6.1ten sam produkt

In Teradici PCoIP Management Console-Enterprise 20.07.0, an unauthenticated user can inject arbitrary text int...

CVE-2020-13183MEDIUM6.1ten sam produkt

Reflected Cross Site Scripting in Teradici PCoIP Management Console prior to 20.07 could allow an attacker to ...

CVE-2021-25689CRITICAL9.8ten sam vendor

An out of bounds write in Teradici PCoIP soft client versions prior to version 20.10.1 could allow an attacker...

CVE-2020-13174 — MEDIUM 6.1 | CVEbaza.pl