CVE-2020-13186

Summary

An Anti CSRF mechanism was discovered missing in the Teradici Cloud Access Connector v31 and earlier in a specific web form, which allowed an attacker with knowledge of both a machineID and user GUID to modify data if a user clicked a malicious link.

Affected Software

VendorProductVersion RangeStatus
n/a- Cloud Access Connector - Cloud Access Connector Legacyv31 and earlieraffected

Weaknesses

  • CWE-352: CWE-352: Cross-Site Request Forgery (CSRF)

ADP Enrichment

CVE Program Container

Additional References

References