CVE-2020-13179
11.08.2020, 19:15
Broker Protocol messages in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows prior to 20.04.1 are not cleaned up in server memory, which may allow an attacker to read confidential information from a memory dump via forcing a crashing during the single sign-on procedure.Enginsight
| Vendor | Product | Version |
|---|---|---|
| teradici | graphics_agent | 𝑥 < 20.04.1 |
| teradici | pcoip_standard_agent | 𝑥 < 20.04.1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorThe product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
- CWE-212 - Improper Removal of Sensitive Information Before Storage or TransferThe product stores, transfers, or shares a resource that contains sensitive information, but it does not properly remove that information before the product makes the resource available to unauthorized actors.