1. Home
  2. CVE Database
  3. CVE-2020-13175
HIGH · 7.5

CVE-2020-13175

The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 20, 2020 (v15 and earlier for Cloud Access Connector) contains a local fil...

Vulnerability Description

The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 20, 2020 (v15 and earlier for Cloud Access Connector) contains a local file inclusion vulnerability which allows an unauthenticated remote attacker to leak LDAP credentials via a specially crafted HTTP request.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
TeradiciCloud Access Connector<= 15
TeradiciCloud Access Connector Legacy< 2020-04-20

Related Weaknesses (CWE)

CWE-829CWE-98

References

FAQ

What is CVE-2020-13175?

CVE-2020-13175 is a vulnerability with a CVSS score of 7.5 (HIGH). The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 20, 2020 (v15 and earlier for Cloud Access Connector) contains a local fil...

How severe is CVE-2020-13175?

CVE-2020-13175 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-13175?

Check the references section above for vendor advisories and patch information. Affected products include: Teradici Cloud Access Connector, Teradici Cloud Access Connector Legacy.