CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-11997

Apache Guacamole 1.2.0 and earlier do not consistently restrict access to connection history based on user visibility. If multiple users share access to the same connection, those users may be able to see which other users have accessed that connection, as well as the IP addresses from which that connection was accessed, even if those users do not otherwise have permission to see other users.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.1%

CVSS Severity

CVSS v3 Score 4.3

CVSS v2 Score 4.0

References

Products affected by CVE-2020-11997

Apache » Guacamole » Version: 0.3.0

cpe:2.3:a:apache:guacamole:0.3.0
Apache » Guacamole » Version: 0.4.0

cpe:2.3:a:apache:guacamole:0.4.0
Apache » Guacamole » Version: 0.5.0

cpe:2.3:a:apache:guacamole:0.5.0
Apache » Guacamole » Version: 0.6.0

cpe:2.3:a:apache:guacamole:0.6.0
Apache » Guacamole » Version: 0.6.1

cpe:2.3:a:apache:guacamole:0.6.1
Apache » Guacamole » Version: 0.6.2

cpe:2.3:a:apache:guacamole:0.6.2
Apache » Guacamole » Version: 0.6.3

cpe:2.3:a:apache:guacamole:0.6.3
Apache » Guacamole » Version: 0.7.0

cpe:2.3:a:apache:guacamole:0.7.0
Apache » Guacamole » Version: 0.7.1

cpe:2.3:a:apache:guacamole:0.7.1
Apache » Guacamole » Version: 0.7.2

cpe:2.3:a:apache:guacamole:0.7.2
Apache » Guacamole » Version: 0.7.3

cpe:2.3:a:apache:guacamole:0.7.3
Apache » Guacamole » Version: 0.7.4

cpe:2.3:a:apache:guacamole:0.7.4
Apache » Guacamole » Version: 0.8.0

cpe:2.3:a:apache:guacamole:0.8.0
Apache » Guacamole » Version: 0.8.2

cpe:2.3:a:apache:guacamole:0.8.2
Apache » Guacamole » Version: 0.8.3

cpe:2.3:a:apache:guacamole:0.8.3
Apache » Guacamole » Version: 0.8.4

cpe:2.3:a:apache:guacamole:0.8.4
Apache » Guacamole » Version: 0.9.0

cpe:2.3:a:apache:guacamole:0.9.0
Apache » Guacamole » Version: 0.9.1

cpe:2.3:a:apache:guacamole:0.9.1
Apache » Guacamole » Version: 0.9.10

cpe:2.3:a:apache:guacamole:0.9.10
Apache » Guacamole » Version: 0.9.10-incubating

cpe:2.3:a:apache:guacamole:0.9.10-incubating
Apache » Guacamole » Version: 0.9.11

cpe:2.3:a:apache:guacamole:0.9.11
Apache » Guacamole » Version: 0.9.11-incubating

cpe:2.3:a:apache:guacamole:0.9.11-incubating
Apache » Guacamole » Version: 0.9.12

cpe:2.3:a:apache:guacamole:0.9.12
Apache » Guacamole » Version: 0.9.12-incubating

cpe:2.3:a:apache:guacamole:0.9.12-incubating
Apache » Guacamole » Version: 0.9.13

cpe:2.3:a:apache:guacamole:0.9.13
Apache » Guacamole » Version: 0.9.13-incubating

cpe:2.3:a:apache:guacamole:0.9.13-incubating
Apache » Guacamole » Version: 0.9.14

cpe:2.3:a:apache:guacamole:0.9.14
Apache » Guacamole » Version: 0.9.2

cpe:2.3:a:apache:guacamole:0.9.2
Apache » Guacamole » Version: 0.9.3

cpe:2.3:a:apache:guacamole:0.9.3
Apache » Guacamole » Version: 0.9.4

cpe:2.3:a:apache:guacamole:0.9.4
Apache » Guacamole » Version: 0.9.5

cpe:2.3:a:apache:guacamole:0.9.5
Apache » Guacamole » Version: 0.9.6

cpe:2.3:a:apache:guacamole:0.9.6
Apache » Guacamole » Version: 0.9.7

cpe:2.3:a:apache:guacamole:0.9.7
Apache » Guacamole » Version: 0.9.8

cpe:2.3:a:apache:guacamole:0.9.8
Apache » Guacamole » Version: 0.9.9

cpe:2.3:a:apache:guacamole:0.9.9
Apache » Guacamole » Version: 1.0.0

cpe:2.3:a:apache:guacamole:1.0.0
Apache » Guacamole » Version: 1.1.0

cpe:2.3:a:apache:guacamole:1.1.0
Apache » Guacamole » Version: 1.2.0

cpe:2.3:a:apache:guacamole:1.2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-11997

Products

Pricing

Contact Us