Parallels · Parallels Remote Application Server · CVE-2020-8968
Name of the Vulnerable Software and Affected Versions:
Parallels Remote Application Server (RAS) (affected versions not specified)
Description:
The issue allows a local attacker to retrieve certain profile passwords in clear text format by uploading a previously stored cyphered file. This could compromise the confidentiality, availability, and integrity of user information if an attacker recovers the profile password.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.