CVE-2020-13186

Description

An Anti CSRF mechanism was discovered missing in the Teradici Cloud Access Connector v31 and earlier in a specific web form, which allowed an attacker with knowledge of both a machineID and user GUID to modify data if a user clicked a malicious link.

Affected Software
References

Software	From	Fixed in
teradici / cloud_access_connector	-	31.x

https://advisory.teradici.com/security-advisories/70/

Severity: Medium

CVE: CVE-2020-13186
Published: Feb 11, 2021
Updated: Apr 13, 2023
Exploit:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Severity: Low
Score: 2.6
AV:N/AC:H/Au:N/C:N/I:P/A:N

CWE-352

CVE-2020-13186

Description

Details

CVSS v3

CVSS v2

CWEs