CVE-2017-20121 Vulnerability Details

  /     /     /  

CVE-2017-20121 Metadata Quick Info

CVE Published: 30/06/2022 | CVE Updated: 05/08/2024 | CVE Year: 2017
Source: VulDB | Vendor: Teradici | Product: Management Console
Status : PUBLISHED

---

CVE-2017-20121 Description

A vulnerability was found in Teradici Management Console 2.2.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Database Management. The manipulation leads to improper privilege management. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.

Metrics

CVSS Version: 3.1 | Base Score: 7.8 HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

l➤ Exploitability Metrics:
    Attack Vector (AV)* LOCAL
    Attack Complexity (AC)* LOW
    Privileges Required (PR)* LOW
    User Interaction (UI)* NONE
    Scope (S)* UNCHANGED

l➤ Impact Metrics:
    Confidentiality Impact (C)* HIGH
    Integrity Impact (I)* HIGH
    Availability Impact (A)* HIGH

Weakness Enumeration (CWE)

CWE-ID: CWE-269
CWE Name: CWE-269 Improper Privilege Management
Source: Teradici

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).