CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-8968

Parallels Remote Application Server (RAS) allows a local attacker to retrieve certain profile password in clear text format by uploading a previously stored cyphered file by Parallels RAS. The confidentiality, availability and integrity of the information of the user could be compromised if an attacker is able to recover the profile password.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 33.0%

CVSS Severity

CVSS v3 Score 7.1

CVSS v2 Score 2.1

References

https://www.incibe.es/en/incibe-cert/notices/aviso/parallels-remote-application-server-credentials-management-errors
https://www.incibe.es/en/incibe-cert/notices/aviso/parallels-remote-application-server-credentials-management-errors

Products affected by CVE-2020-8968

Parallels » Remote Application Server » Version: 15.5

cpe:2.3:a:parallels:remote_application_server:15.5
Parallels » Remote Application Server » Version: 17.0

cpe:2.3:a:parallels:remote_application_server:17.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-8968

Products

Pricing

Contact Us