Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:parallels:remote_application_server:15.5:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-45894 |
The Remote Application Server in Parallels RAS before 19.2.23975 does not segment virtualized applications from the server, which allows a remote attacker to achieve remote code execution via standard kiosk breakout techniques. Published: December 14, 2023; 3:15:52 PM -0500 |
V4.0:(not available) V3.1: 10.0 CRITICAL V2.0:(not available) |
CVE-2020-8968 |
Parallels Remote Application Server (RAS) allows a local attacker to retrieve certain profile password in clear text format by uploading a previously stored cyphered file by Parallels RAS. The confidentiality, availability and integrity of the information of the user could be compromised if an attacker is able to recover the profile password. Published: December 17, 2021; 12:15:10 PM -0500 |
V4.0:(not available) V3.1: 7.1 HIGH V2.0: 2.1 LOW |
CVE-2017-9447 |
In the web interface of Parallels Remote Application Server (RAS) 15.5 Build 16140, a vulnerability exists due to improper validation of the file path when requesting a resource under the "RASHTML5Gateway" directory. A remote, unauthenticated attacker could exploit this weakness to read arbitrary files from the vulnerable system using path traversal sequences. Published: February 28, 2018; 10:29:00 AM -0500 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |