PT-2021-9566 · Teradici · Teradici Cloud Access Connector

Published: 2021-02-11 · Updated: 2021-02-22 · CVE-2020-13186

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions

Teradici Cloud Access Connector versions prior to v31

Description

A missing anti-CSRF mechanism was discovered in a specific web form of the Teradici Cloud Access Connector. An attacker who knows both a machineID and a user GUID could modify data if a user clicked a malicious link.

Recommendations

For versions prior to v31, update to a version that includes the anti-CSRF mechanism to prevent exploitation. As a temporary workaround, consider restricting access to the specific web form until a patch is available. Avoid using the machineID and user GUID in the affected web form until the issue is resolved.

Fix

CSRF

Weakness Enumeration

Related Identifiers

CVE-2020-13186

Affected Products

Teradici Cloud Access Connector