Lucene search
ApacheCVELIST:CVE-2020-11997HistoryJan 19, 2021 - 9:12 p.m.
CVE-2020-11997
2021-01-1921:12:29
apache
www.cve.org
Apache Guacamole 1.2.0 and earlier do not consistently restrict access to connection history based on user visibility. If multiple users share access to the same connection, those users may be able to see which other users have accessed that connection, as well as the IP addresses from which that connection was accessed, even if those users do not otherwise have permission to see other users.
CNA Affected
[
{
"product": "Apache Guacamole",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Apache Guacamole 1.2.0 and older"
}
]
}
]Related
osv
osv
CVE-2020-11997
2021-01-19 22:15:12
BIT-guacamole-2020-11997
2024-03-06 10:54:08
BIT-guacamole-server-2020-11997
2024-03-06 10:54:07
nvd
nvd
CVE-2020-11997
2021-01-19 22:15:12
openvas
openvas
Apache Guacamole <= 1.2.0 Information Disclosure Vulnerability
2021-01-25 00:00:00
Mageia: Security Advisory (MGASA-2021-0272)
2022-01-28 00:00:00
github
github
Incorrect Default Permissions in Apache Guacamole
2022-01-06 20:34:35
prion
prion
Session fixation
2021-01-19 22:15:00
cve
cve
CVE-2020-11997
2021-01-19 22:15:12
ubuntucve
ubuntucve
CVE-2020-11997
2021-01-19 00:00:00
debiancve
debiancve
CVE-2020-11997
2021-01-19 22:15:00
mageia
mageia
Updated guacd packages fix security vulnerabilities
2021-06-23 20:11:28