Apache Guacamole is a clientless remote desktop gateway from the Apache Foundation in the United States. The product supports protocols such as VNC, RDP, and SSH. A security vulnerability exists in Apache Guacamole 1.3.0, which stems from the fact that Apache Guacamole 1.3.0 and earlier versions may incorrectly include private tunnel identifiers in the non-private details of some REST responses. This could allow an authenticated user who already has access to a specific connection to read from or interact with other users’ active use of the same connection. No detailed vulnerability details are currently available.