HIGH🇵🇱 Wersja polska

CVE-2020-10965

CVSS 8.1v3.1pub. 2020-03-25upd. 2024-11-21

Teradici PCoIP Management Console 20.01.0 and 19.11.1 is vulnerable to unauthenticated password resets via login/resetadminpassword of the default admin account. This vulnerability only exists when the default admin account is not disabled. It is fixed in 20.01.1 and 19.11.2.

CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Teradici Pcoip Management Console

    APP
    Teradici
    19.11.120.01.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2017-20121HIGH7.8ten sam produkt

A vulnerability was found in Teradici Management Console 2.2.0. It has been declared as critical. Affected by ...

CVE-2021-35451MEDIUM6.1ten sam produkt

In Teradici PCoIP Management Console-Enterprise 20.07.0, an unauthenticated user can inject arbitrary text int...

CVE-2020-13183MEDIUM6.1ten sam produkt

Reflected Cross Site Scripting in Teradici PCoIP Management Console prior to 20.07 could allow an attacker to ...

CVE-2020-13174MEDIUM6.1ten sam produkt

The web server in the Teradici Managament console versions 20.04 and 20.01.1 did not properly set the X-Frame-...

CVE-2021-25689CRITICAL9.8ten sam vendor

An out of bounds write in Teradici PCoIP soft client versions prior to version 20.10.1 could allow an attacker...