HIGH🇬🇧 English

CVE-2020-8968

CVSS 7.1v3.1pub. 2021-12-17upd. 2024-11-21

Parallels Remote Application Server (RAS) allows a local attacker to retrieve certain profile password in clear text format by uploading a previously stored cyphered file by Parallels RAS. The confidentiality, availability and integrity of the information of the user could be compromised if an attacker is able to recover the profile password.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
  • Parallels Remote Application Server

    APP
    Parallels
    15.5 – 17.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2023-45894CRITICAL10.0PL ✓ten sam produkt

RCE w Parallels Remote Application Server przez brak segmentacji aplikacji

CVE-2020-15860CRITICAL9.9ten sam produkt

Parallels Remote Application Server (RAS) 17.1.1 has a Business Logic Error causing remote code execution. It ...

CVE-2025-0413HIGH7.8ten sam produkt

Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability. This vulne...

CVE-2022-40870HIGH8.1ten sam produkt

The Web Client of Parallels Remote Application Server v18.0 is vulnerable to Host Header Injection attacks. Th...

CVE-2017-9447HIGH7.5ten sam produkt

In the web interface of Parallels Remote Application Server (RAS) 15.5 Build 16140, a vulnerability exists due...