Overview
- Description
- Broker Protocol messages in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows prior to 20.04.1 are not cleaned up in server memory, which may allow an attacker to read confidential information from a memory dump via forcing a crashing during the single sign-on procedure.
- Source
- security@teradici.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:N/A:N
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:teradici:graphics_agent:*:*:*:*:*:windows:*:*",
"vulnerable": true,
"matchCriteriaId": "14D4B030-1438-47EC-AA0A-1E74CFFA34E3",
"versionEndExcluding": "20.04.1"
},
{
"criteria": "cpe:2.3:a:teradici:pcoip_standard_agent:*:*:*:*:*:windows:*:*",
"vulnerable": true,
"matchCriteriaId": "C746FBCC-92C4-40BA-9C88-0C9FD3494932",
"versionEndExcluding": "20.04.1"
}
],
"operator": "OR"
}
]
}
]