4.6
CVE-2021-25692
- EPSS 0.18%
- Veröffentlicht 06.04.2021 20:15:13
- Zuletzt bearbeitet 21.11.2024 05:55:18
- Quelle security@teradici.com
- CVE-Watchlists
- Unerledigt
LoginSensitive smart card data is logged in default INFO logs by Teradici's PCoIP Connection Manager and Security Gateway prior to version 21.01.3.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Teradici ≫ Pcoip Connection Manager And Security Gateway Version >= 20.07 < 20.07.1
Teradici ≫ Pcoip Connection Manager And Security Gateway Version >= 21.01 < 21.01.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.18% | 0.071 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.6 | 0.9 | 3.6 |
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:L/AC:L/Au:N/C:P/I:N/A:N
|
CWE-312 Cleartext Storage of Sensitive Information
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
https://advisory.teradici.com/security-advisories/77/