Vulnerabilities > Teradici > Cloud Access Connector > 14

DATE	CVE	VULNERABILITY TITLE	RISK
2021-02-11	CVE-2020-13186	Cross-Site Request Forgery (CSRF) vulnerability in Teradici Cloud Access Connector An Anti CSRF mechanism was discovered missing in the Teradici Cloud Access Connector v31 and earlier in a specific web form, which allowed an attacker with knowledge of both a machineID and user GUID to modify data if a user clicked a malicious link. network high complexity teradici CWE-352	2.6
2021-02-11	CVE-2020-13185	Improper Authentication vulnerability in Teradici Cloud Access Connector Certain web application pages in the authenticated section of the Teradici Cloud Access Connector prior to v18 were accessible without the need to specify authentication tokens, which allowed an attacker in the ability to execute sensitive functions without credentials. network teradici CWE-287	4.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.