2 matches found
CVE-2020-7213
Parallels 13 uses cleartext HTTP as part of the update process, allowing man-in-the-middle attacks. Users of out-of-date versions are presented with a pop-up window for a parallelsupdates.xml file on the http://update.parallels.com web site...
CVE-2020-7213
Parallels 13 vulnerable to MITM through its update process due to use of cleartext HTTP for updates (parallels_updates.xml at update.parallels.com). The issue is documented across CVE-2020-7213 sources (NVD, Red Hat, CVE lists). Impact described as exposure/integrity risk during update delivery. ...