Vulnerabilities > Parallels > Remote Application Server > 15.5

DATE CVE VULNERABILITY TITLE RISK
2023-12-14 CVE-2023-45894 Unspecified vulnerability in Parallels Remote Application Server
The Remote Application Server in Parallels RAS before 19.2.23975 does not segment virtualized applications from the server, which allows a remote attacker to achieve remote code execution via standard kiosk breakout techniques.
network
low complexity
parallels
critical
10.0
2021-12-17 CVE-2020-8968 Unspecified vulnerability in Parallels Remote Application Server 15.5/17.0
Parallels Remote Application Server (RAS) allows a local attacker to retrieve certain profile password in clear text format by uploading a previously stored cyphered file by Parallels RAS.
local
low complexity
parallels
7.1
2018-02-28 CVE-2017-9447 Path Traversal vulnerability in Parallels Remote Application Server 15.5
In the web interface of Parallels Remote Application Server (RAS) 15.5 Build 16140, a vulnerability exists due to improper validation of the file path when requesting a resource under the "RASHTML5Gateway" directory.
network
low complexity
parallels CWE-22
7.5