Search criteria
2 vulnerabilities found for tera2_pcoip_zero_client_firmware by teradici
CVE-2022-1805 (GCVE-0-2022-1805)
Vulnerability from nvd – Published: 2022-07-28 14:21 – Updated: 2024-08-03 00:16
VLAI
Summary
When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not fully verified by Zero Clients. The issue could be exploited by an adversary that places a MITM (Man in the Middle) between a zero client and AWS session provisioner in the network. This issue is only applicable when connecting to an Amazon Workspace from a PCoIP Zero Client.
Severity
No CVSS data available.
CWE
- Man in the Middle Attack
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.hp.com/us-en/document/ish_6545906… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Tera2 Zero Client |
Affected:
Firmware version 22.04 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:16:59.963Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_6545906-6545930-16/hpsbhf03794"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Tera2 Zero Client",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Firmware version 22.04 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not fully verified by Zero Clients. The issue could be exploited by an adversary that places a MITM (Man in the Middle) between a zero client and AWS session provisioner in the network. This issue is only applicable when connecting to an Amazon Workspace from a PCoIP Zero Client."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Man in the Middle Attack",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-28T14:21:09.000Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_6545906-6545930-16/hpsbhf03794"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2022-1805",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Tera2 Zero Client",
"version": {
"version_data": [
{
"version_value": "Firmware version 22.04 and earlier"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not fully verified by Zero Clients. The issue could be exploited by an adversary that places a MITM (Man in the Middle) between a zero client and AWS session provisioner in the network. This issue is only applicable when connecting to an Amazon Workspace from a PCoIP Zero Client."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Man in the Middle Attack"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_6545906-6545930-16/hpsbhf03794",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_6545906-6545930-16/hpsbhf03794"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2022-1805",
"datePublished": "2022-07-28T14:21:09.000Z",
"dateReserved": "2022-05-20T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:16:59.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1805 (GCVE-0-2022-1805)
Vulnerability from cvelistv5 – Published: 2022-07-28 14:21 – Updated: 2024-08-03 00:16
VLAI
Summary
When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not fully verified by Zero Clients. The issue could be exploited by an adversary that places a MITM (Man in the Middle) between a zero client and AWS session provisioner in the network. This issue is only applicable when connecting to an Amazon Workspace from a PCoIP Zero Client.
Severity
No CVSS data available.
CWE
- Man in the Middle Attack
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.hp.com/us-en/document/ish_6545906… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Tera2 Zero Client |
Affected:
Firmware version 22.04 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:16:59.963Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_6545906-6545930-16/hpsbhf03794"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Tera2 Zero Client",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Firmware version 22.04 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not fully verified by Zero Clients. The issue could be exploited by an adversary that places a MITM (Man in the Middle) between a zero client and AWS session provisioner in the network. This issue is only applicable when connecting to an Amazon Workspace from a PCoIP Zero Client."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Man in the Middle Attack",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-28T14:21:09.000Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_6545906-6545930-16/hpsbhf03794"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2022-1805",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Tera2 Zero Client",
"version": {
"version_data": [
{
"version_value": "Firmware version 22.04 and earlier"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not fully verified by Zero Clients. The issue could be exploited by an adversary that places a MITM (Man in the Middle) between a zero client and AWS session provisioner in the network. This issue is only applicable when connecting to an Amazon Workspace from a PCoIP Zero Client."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Man in the Middle Attack"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_6545906-6545930-16/hpsbhf03794",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_6545906-6545930-16/hpsbhf03794"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2022-1805",
"datePublished": "2022-07-28T14:21:09.000Z",
"dateReserved": "2022-05-20T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:16:59.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}