Vulnerability Details CVE-2020-13175
The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 20, 2020 (v15 and earlier for Cloud Access Connector) contains a local file inclusion vulnerability which allows an unauthenticated remote attacker to leak LDAP credentials via a specially crafted HTTP request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.5%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2020-13175
-
cpe:2.3:a:teradici:cloud_access_connector:-
-
cpe:2.3:a:teradici:cloud_access_connector:11
-
cpe:2.3:a:teradici:cloud_access_connector:12
-
cpe:2.3:a:teradici:cloud_access_connector:13
-
cpe:2.3:a:teradici:cloud_access_connector:14
-
cpe:2.3:a:teradici:cloud_access_connector:15
-
cpe:2.3:a:teradici:cloud_access_connector_legacy:-