PT-2020-13373 · Teradici · Teradici Management Console
Published
2020-08-11
·
Updated
2022-09-02
·
CVE-2020-13174
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Teradici Management console versions 20.04 and 20.01.1
Description
The web server in the Teradici Management console did not properly set the X-Frame-Options HTTP header, which could allow an attacker to trick a user into clicking a malicious link via clickjacking.
Recommendations
For version 20.04, update the X-Frame-Options HTTP header to prevent clickjacking attacks.
For version 20.01.1, update the X-Frame-Options HTTP header to prevent clickjacking attacks.
Fix
Clickjacking
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Teradici Management Console