CVE-2020-13175

HIGH

Teradici Cloud Access Connector < v15 - Local File Inclusion

Title source: llm

Description

The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 20, 2020 (v15 and earlier for Cloud Access Connector) contains a local file inclusion vulnerability which allows an unauthenticated remote attacker to leak LDAP credentials via a specially crafted HTTP request.

References (1)

[Vendor Advisory] https://advisory.teradici.com/security-advisories/59/

Scores

CVSS v3 7.5

EPSS 0.0030

EPSS Percentile 52.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-829 CWE-98

Status published

Products (2)

teradici/cloud_access_connector < 15

teradici/cloud_access_connector_legacy < 2020-04-20

Published Aug 11, 2020

Tracked Since Feb 18, 2026