7.7
CVE-2025-0501
- EPSS 0.21%
- Veröffentlicht 15.01.2025 19:15:27
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle ff89ba41-3aa1-4d27-914a-91399e
- CVE-Watchlists
- Unerledigt
Issue affecting Amazon WorkSpaces Clients (when running PCoIP protocol)
An issue in the native clients for Amazon WorkSpaces (when running PCoIP protocol) may allow an attacker to access remote sessions via man-in-the-middle.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerAmazon
≫
Produkt
WorkSpaces Client
Default Statusunaffected
Version
3.0.0
Version <
5.22.1
Status
affected
HerstellerAmazon
≫
Produkt
WorkSpaces Client
Default Statusunaffected
Version
3.0.0
Version <
2024.6
Status
affected
HerstellerAmazon
≫
Produkt
WorkSpaces Client
Default Statusunaffected
Version
3.0.1
Version <
5.0.1
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.21% | 0.426 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| ff89ba41-3aa1-4d27-914a-91399e9639e5 | 7.7 | 0 | 0 |
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| ff89ba41-3aa1-4d27-914a-91399e9639e5 | 7.5 | 1.6 | 5.9 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-295 Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.