Lucene search
K

111 matches found

CNNVD
CNNVD
added 2021/09/22 12:0 a.m.5 views

IBM Security Verify Bridge 安全漏洞

IBM Security Verify Bridge is an IBM application component from International Business Machines IBM, Inc. provides IBM Cloud access to user attributes and authentication that are controlled by the client's local LDAP or Active Directory. A security vulnerability exists in IBM Security Verify Brid...

6.5CVSS6.2AI score0.0022EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/07/21 12:0 a.m.4 views

Teradici PCOIP Software Agent 安全漏洞

The Teradici PCoIP Software Agent is part of the Teradici Cloud Access Software from Teradici Canada. A PCoIP client can be used to connect to virtual desktops either directly or through a connection agent. A security vulnerability exists in the Teradici PCOIP Software Agent that could be exploit...

7.8CVSS7.6AI score0.00281EPSS
Exploits0References2
Rapid7 Blog
Rapid7 Blog
added 2021/04/05 2:15 p.m.170 views

A Quick Look Into Cloud Security Posture Management (CSPM)

The cloud security solutions market is growing rapidly, and there are many types of solutions to support your specific business needs. But figuring out the right tool—let alone the right type of tool—can be difficult. Gartner has five security archetypes that fall under the broader cloud security...

7.2AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/03/04 5:0 p.m.67 views

A better cloud access security broker: Securing your SaaS cloud apps and services with Microsoft Cloud App Security

Today’s business uses an average of 1,180 cloud apps¹, with many of those organizations securing their apps through cloud access security brokers CASB. The organizational need for a CASB has grown alongside the use of cloud apps to enable remote work and greater user productivity. When security...

6.8AI score
Exploits0
NVD
NVD
added 2021/02/11 6:15 p.m.21 views

CVE-2020-13185

Certain web application pages in the authenticated section of the Teradici Cloud Access Connector prior to v18 were accessible without the need to specify authentication tokens, which allowed an attacker in the ability to execute sensitive functions without credentials...

6.5CVSS0.0097EPSS
Exploits0References1
NVD
NVD
added 2021/02/11 6:15 p.m.21 views

CVE-2020-13186

An Anti CSRF mechanism was discovered missing in the Teradici Cloud Access Connector v31 and earlier in a specific web form, which allowed an attacker with knowledge of both a machineID and user GUID to modify data if a user clicked a malicious link...

6.5CVSS0.00344EPSS
Exploits0References1
OSV
OSV
added 2021/02/11 6:15 p.m.7 views

CVE-2020-13186

An Anti CSRF mechanism was discovered missing in the Teradici Cloud Access Connector v31 and earlier in a specific web form, which allowed an attacker with knowledge of both a machineID and user GUID to modify data if a user clicked a malicious link...

6.5CVSS6.6AI score0.00344EPSS
Exploits0References1
Prion
Prion
added 2021/02/11 6:15 p.m.16 views

Cross site request forgery (csrf)

An Anti CSRF mechanism was discovered missing in the Teradici Cloud Access Connector v31 and earlier in a specific web form, which allowed an attacker with knowledge of both a machineID and user GUID to modify data if a user clicked a malicious link...

2.6CVSS6.4AI score0.00344EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/02/11 3:14 p.m.29 views

CVE-2020-13186

An Anti CSRF mechanism was discovered missing in the Teradici Cloud Access Connector v31 and earlier in a specific web form, which allowed an attacker with knowledge of both a machineID and user GUID to modify data if a user clicked a malicious link...

6.4AI score0.00344EPSS
Exploits0References1
CVE
CVE
added 2021/02/11 3:14 p.m.43 views

CVE-2020-13186

CVE-2020-13186 affects Teradici Cloud Access Connector v31 and earlier. The root cause is a missing Anti‑CSRF protection in a specific web form, enabling data modification if a user clicks a crafted link and the attacker knows both a machineID and a user GUID. Connected sources confirm the vulner...

6.5CVSS6.3AI score0.00344EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/02/11 3:10 p.m.25 views

CVE-2020-13185

Certain web application pages in the authenticated section of the Teradici Cloud Access Connector prior to v18 were accessible without the need to specify authentication tokens, which allowed an attacker in the ability to execute sensitive functions without credentials...

6.7AI score0.0097EPSS
Exploits0References1
CVE
CVE
added 2021/02/11 3:10 p.m.39 views

CVE-2020-13185

CVE-2020-13185 affects the Teradici Cloud Access Connector prior to v18, where certain pages in the authenticated area could be accessed without authentication tokens. This is due to insufficient access control on those pages, enabling an attacker to perform sensitive functions without credential...

6.5CVSS6.6AI score0.0097EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/02/11 12:0 a.m.7 views

Teradici Cloud Access Connector Security Vulnerability

A security vulnerability exists in Teradici Cloud Access Connector prior to v18, which stems from the fact that certain web application pages can be accessed without specifying an authentication token, which can be exploited by an attacker to execute sensitive functions without credentials...

6.5CVSS6.7AI score0.0097EPSS
Exploits0References1
CNVD
CNVD
added 2021/01/14 12:0 a.m.3 views

Loxone Miniserver Authorization Issues Vulnerability

Loxone Miniserver is a server that provides energy management and monitoring functions for automation of equipment and homes in buildings and houses by Loxone Corporation. Loxone Miniserver version 11.1.9.3 previously had an authorization issue vulnerability that arose from the inability of devic...

9.8CVSS7.1AI score0.01962EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/01/13 12:0 a.m.6 views

Loxone Miniserver 授权问题漏洞

Loxone Miniserver is a server that provides energy management and monitoring functions for automation of equipment and homes in buildings and houses by Loxone Corporation. Loxone Miniserver version 11.1.9.3 previously had an authorization issue vulnerability that arose from the inability of devic...

9.8CVSS7.3AI score0.01962EPSS
Exploits1References5
Microsoft Secure
Microsoft Secure
added 2020/11/18 5:0 p.m.33 views

Gartner names Microsoft a Leader in the 2020 Magic Quadrant for Cloud Access Security Brokers

The past few months have changed the way we work in many ways, working from home, social distancing, and remote operations have all had impacts on our previously known ways of life. At Microsoft, we have been working hard to assist our customers adjust to this rapidly changing and evolving work...

7.1AI score
Exploits0
OSV
OSV
added 2020/08/11 6:15 p.m.4 views

CVE-2020-13176

The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 24, 2020 v16 and earlier for the Cloud Access Connector contains a stored cross-site scripting XSS vulnerability which allows a remote unauthenticated attacker to poison l...

6.1CVSS6.3AI score0.00833EPSS
Exploits0References1
NVD
NVD
added 2020/08/11 6:15 p.m.18 views

CVE-2020-13176

The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 24, 2020 v16 and earlier for the Cloud Access Connector contains a stored cross-site scripting XSS vulnerability which allows a remote unauthenticated attacker to poison l...

6.1CVSS6.1AI score0.00833EPSS
Exploits0References1
OSV
OSV
added 2020/08/11 6:15 p.m.3 views

CVE-2020-13175

The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 20, 2020 v15 and earlier for Cloud Access Connector contains a local file inclusion vulnerability which allows an unauthenticated remote attacker to leak LDAP credentials...

7.5CVSS7.2AI score0.01672EPSS
Exploits0References1
Prion
Prion
added 2020/08/11 6:15 p.m.15 views

Cross site scripting

The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 24, 2020 v16 and earlier for the Cloud Access Connector contains a stored cross-site scripting XSS vulnerability which allows a remote unauthenticated attacker to poison l...

4.3CVSS6AI score0.00833EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder