Teradici: >> Pcoip Management Console Security Vulnerabilities
A vulnerability was found in Teradici Management Console 2.2.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Database Management. The manipulation leads to improper privilege management. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-06-30
In Teradici PCoIP Management Console-Enterprise 20.07.0, an unauthenticated user can inject arbitrary text into user browser via the Web application.
CVSS Score
6.1
EPSS Score
0.009
Published
2021-07-07
Reflected Cross Site Scripting in Teradici PCoIP Management Console prior to 20.07 could allow an attacker to take over the user's active session if the user is exposed to a malicious payload.
CVSS Score
6.1
EPSS Score
0.004
Published
2020-08-17
The web server in the Teradici Managament console versions 20.04 and 20.01.1 did not properly set the X-Frame-Options HTTP header, which could allow an attacker to trick a user into clicking a malicious link via clickjacking.
CVSS Score
6.1
EPSS Score
0.002
Published
2020-08-11
Teradici PCoIP Management Console 20.01.0 and 19.11.1 is vulnerable to unauthenticated password resets via login/resetadminpassword of the default admin account. This vulnerability only exists when the default admin account is not disabled. It is fixed in 20.01.1 and 19.11.2.
CVSS Score
8.1
EPSS Score
0.017
Published
2020-03-25