Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2022-20501
HistoryDec 21, 2021 - 12:00 a.m.

Parallels Remote Application Server存在未明漏洞

2021-12-2100:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
parallels remote application server
vulnerability
plaintext password
local attacker
configuration file
encrypted file
profile passwords
user information
compromise

EPSS

0

Percentile

12.6%

A security vulnerability exists in Parallels Remote Application Server (RAS), a suite of application delivery and VDI (Virtual Desktop Infrastructure) solutions from Parallels, U.S.A. The vulnerability stems from allowing A local attacker to retrieve certain configuration file passwords in plaintext format by uploading an encrypted file previously stored in Parallels RAS. An attacker could exploit the vulnerability to be able to recover profile passwords, and the confidentiality, availability, and integrity of user information could be compromised.

EPSS

0

Percentile

12.6%

Related for CNVD-2022-20501