Parallels Remote Application Server 17.1.1
Approved changes feed: RSS · Atom
cpe:2.3:a:parallels:remote_application_server:17.1.1:*:*:*:*:*:*:*
part: a version: 17.1.1 update: *
| Vendor | Parallels (f7bc486c-fad7-5571-9bc2-c91e15af2082) |
|---|---|
| Product | Remote Application Server (be008a13-0cbd-5058-97f2-f9ad1893639d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2020-15860 |
vulnerable | 2026-06-03 14:41:46.885634 |
Details available
Parallels Remote Application Server (RAS) 17.1.1 has a Business Logic Error causing remote code execution. It allows an authenticated user to execute any application in the backend operating system through the web application, despite the affected application not being published. In addition, it was discovered that it is possible to access any host in the internal domain, even if it has no published applications or the mentioned host is no longer associated with that server farm.
Published: 2020-07-24T16:01:41.000Z
Updated: 2024-08-04T13:30:22.762Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.