Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2020-11997HistoryJan 19, 2021 - 10:15 p.m.
CVE-2020-11997
2021-01-1922:15:00
Debian Security Bug Tracker
security-tracker.debian.org
10
0.001 Low
EPSS
Percentile
29.2%
Apache Guacamole 1.2.0 and earlier do not consistently restrict access to connection history based on user visibility. If multiple users share access to the same connection, those users may be able to see which other users have accessed that connection, as well as the IP addresses from which that connection was accessed, even if those users do not otherwise have permission to see other users.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 999 | all | guacamole-client | <= 0.9.9+dfsg-1 | guacamole-client_0.9.9+dfsg-1_all.deb |
Related
osv
osv
CVE-2020-11997
2021-01-19 22:15:12
BIT-guacamole-2020-11997
2024-03-06 10:54:08
BIT-guacamole-server-2020-11997
2024-03-06 10:54:07
nvd
nvd
CVE-2020-11997
2021-01-19 22:15:12
prion
prion
Session fixation
2021-01-19 22:15:00
github
github
Incorrect Default Permissions in Apache Guacamole
2022-01-06 20:34:35
cvelist
cvelist
CVE-2020-11997
2021-01-19 21:12:29
openvas
openvas
Apache Guacamole <= 1.2.0 Information Disclosure Vulnerability
2021-01-25 00:00:00
Mageia: Security Advisory (MGASA-2021-0272)
2022-01-28 00:00:00
cve
cve
CVE-2020-11997
2021-01-19 22:15:12
ubuntucve
ubuntucve
CVE-2020-11997
2021-01-19 00:00:00
mageia
mageia
Updated guacd packages fix security vulnerabilities
2021-06-23 20:11:28