Lucene search

VulDBCVELIST:CVE-2017-20121

HistoryJun 30, 2022 - 5:05 a.m.

CVE-2017-20121 Teradici Management Console Database Management privileges management

2022-06-3005:05:20

CWE-269

VulDB

www.cve.org

teradici management console

cve-2017-20121

database management

privileges

local host

manipulation

exploit

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

17.8%

JSON

A vulnerability was found in Teradici Management Console 2.2.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Database Management. The manipulation leads to improper privilege management. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.

CNA Affected

[
  {
    "product": "Management Console",
    "vendor": "Teradici",
    "versions": [
      {
        "status": "affected",
        "version": "2.2.0"
      }
    ]
  }
]

References

seclists.org/fulldisclosure/2017/Feb/62

vuldb.com/?id.97279

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

17.8%

JSON

Related for CVELIST:CVE-2017-20121