Teradici: >> Cloud Access Connector >> 17 Security Vulnerabilities
Certain web application pages in the authenticated section of the Teradici Cloud Access Connector prior to v18 were accessible without the need to specify authentication tokens, which allowed an attacker in the ability to execute sensitive functions without credentials.
CVSS Score
6.5
EPSS Score
0.002
Published
2021-02-11
An Anti CSRF mechanism was discovered missing in the Teradici Cloud Access Connector v31 and earlier in a specific web form, which allowed an attacker with knowledge of both a machineID and user GUID to modify data if a user clicked a malicious link.
CVSS Score
6.5
EPSS Score
0.001
Published
2021-02-11