{"containers": {"cna": {"affected": [{"product": "- PCoIP Standard Agent for Windows - PCoIP Graphics Agent for Windows", "vendor": "n/a", "versions": [{"status": "affected", "version": "PCoIP Standard Agent for Windows 20.04 and earlier, PCoIP Graphics Agent for Windows 20.04 and earlier"}]}], "descriptions": [{"lang": "en", "value": "Broker Protocol messages in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows prior to 20.04.1 are not cleaned up in server memory, which may allow an attacker to read confidential information from a memory dump via forcing a crashing during the single sign-on procedure."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "Exposure of Sensitive Information (CWE-200)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-08-11T18:06:27.000Z", "orgId": "ba3c294d-a544-4fff-ad44-2de7c7bbb6be", "shortName": "Teradici"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://advisory.teradici.com/security-advisories/60/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@teradici.com", "ID": "CVE-2020-13179", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "- PCoIP Standard Agent for Windows - PCoIP Graphics Agent for Windows", "version": {"version_data": [{"version_value": "PCoIP Standard Agent for Windows 20.04 and earlier, PCoIP Graphics Agent for Windows 20.04 and earlier"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Broker Protocol messages in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows prior to 20.04.1 are not cleaned up in server memory, which may allow an attacker to read confidential information from a memory dump via forcing a crashing during the single sign-on procedure."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Exposure of Sensitive Information (CWE-200)"}]}]}, "references": {"reference_data": [{"name": "https://advisory.teradici.com/security-advisories/60/", "refsource": "MISC", "url": "https://advisory.teradici.com/security-advisories/60/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T12:11:19.479Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://advisory.teradici.com/security-advisories/60/"}]}]}, "cveMetadata": {"assignerOrgId": "ba3c294d-a544-4fff-ad44-2de7c7bbb6be", "assignerShortName": "Teradici", "cveId": "CVE-2020-13179", "datePublished": "2020-08-11T18:06:27.000Z", "dateReserved": "2020-05-19T00:00:00.000Z", "dateUpdated": "2024-08-04T12:11:19.479Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:teradici:graphics_agent:*:*:*:*:*:windows:*:*", "matchCriteriaId": "14D4B030-1438-47EC-AA0A-1E74CFFA34E3", "versionEndExcluding": "20.04.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:teradici:pcoip_standard_agent:*:*:*:*:*:windows:*:*", "matchCriteriaId": "C746FBCC-92C4-40BA-9C88-0C9FD3494932", "versionEndExcluding": "20.04.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Broker Protocol messages in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows prior to 20.04.1 are not cleaned up in server memory, which may allow an attacker to read confidential information from a memory dump via forcing a crashing during the single sign-on procedure."}, {"lang": "es", "value": "Los mensajes de Broker Protocol en Teradici PCoIP Standard Agent para Windows y Graphics Agent para Windows versiones anteriores a la 20.04.1, no son limpiados en la memoria del servidor, lo que puede permitir a un atacante leer informaci\u00f3n confidencial de un volcado de memoria forzando un bloqueo durante el procedimiento inicio de sesi\u00f3n \u00fanico"}], "id": "CVE-2020-13179", "lastModified": "2024-11-21T05:00:48.907", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-08-11T19:15:17.313", "references": [{"source": "security@teradici.com", "tags": ["Vendor Advisory"], "url": "https://advisory.teradici.com/security-advisories/60/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://advisory.teradici.com/security-advisories/60/"}], "sourceIdentifier": "security@teradici.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "security@teradici.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-212"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}