CVE-2021-25692 — MEDIUM (4.6)

Q: What is CVE-2021-25692?

CVE-2021-25692 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Sensitive smart card data is logged in default INFO logs by Teradici's PCoIP Connection Manager and Security Gateway prior to version 21.01.3.

Q: How severe is CVE-2021-25692?

CVE-2021-25692 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-25692?

Check the references section above for vendor advisories and patch information. Affected products include: Teradici Pcoip Connection Manager And Security Gateway.

Vulnerability Description

Sensitive smart card data is logged in default INFO logs by Teradici's PCoIP Connection Manager and Security Gateway prior to version 21.01.3.

CVSS Score

4.6

MEDIUM

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Teradici	Pcoip Connection Manager And Security Gateway	>= 20.07, < 20.07.1

Related Weaknesses (CWE)

CWE-312

References

https://advisory.teradici.com/security-advisories/77/MitigationPatchVendor Advisory
https://advisory.teradici.com/security-advisories/77/MitigationPatchVendor Advisory

FAQ

What is CVE-2021-25692?

CVE-2021-25692 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Sensitive smart card data is logged in default INFO logs by Teradici's PCoIP Connection Manager and Security Gateway prior to version 21.01.3.

How severe is CVE-2021-25692?

CVE-2021-25692 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-25692?

Check the references section above for vendor advisories and patch information. Affected products include: Teradici Pcoip Connection Manager And Security Gateway.