PHP remote file inclusion vulnerability in admin/business_inc/saveserver.php in SWSoft Confixx Pro 2.0.12 through 3.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the thisdir parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | confixx | 2.0.12 |
| parallels | confixx | 3.3.1 |
Multiple SQL injection vulnerabilities in the Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by login_up.php3 and certain other files.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.2.0_build1011110331.18 |
Multiple cross-site scripting (XSS) vulnerabilities in the Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 allow remote attackers to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by admin/health/ and certain other files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.2.0_build1011110331.18 |
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 does not properly validate string data that is intended for storage in an XML document, which allows remote attackers to cause a denial of service (parsing error) or possibly have unspecified other impact via a crafted REST URL parameter, as demonstrated by parameters to admin/ and certain other files.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.2.0_build1011110331.18 |
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session, as demonstrated by cookies used by login_up.php3 and certain other files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.2.0_build1011110331.18 |
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 does not include the HTTPOnly flag in a Set-Cookie header for a cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, as demonstrated by cookies used by login_up.php3 and certain other files.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.2.0_build1011110331.18 |
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 generates a password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass authentication by leveraging an unattended workstation, as demonstrated by forms in admin/reseller/login-info/ and certain other files.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-255,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.2.0_build1011110331.18 |
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 includes an RFC 1918 IP address within a web page, which allows remote attackers to obtain potentially sensitive information by reading this page, as demonstrated by admin/home/admin and certain other files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.2.0_build1011110331.18 |
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving account/power-mode-logout and certain other files. NOTE: it is possible that only clients, not the Plesk product, could be affected by this issue.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.2.0_build1011110331.18 |
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving smb/admin-home/disable-featured-applications-promo and certain other files. NOTE: it is possible that only clients, not the Plesk product, could be affected by this issue.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.2.0_build1011110331.18 |
Multiple SQL injection vulnerabilities in the Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by file-manager/ and certain other files.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.2.0_build20110407.20 |
Multiple cross-site scripting (XSS) vulnerabilities in the Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 allow remote attackers to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by smb/user/create and certain other files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.2.0_build20110407.20 |
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 receives cleartext password input over HTTP, which allows remote attackers to obtain sensitive information by sniffing the network, as demonstrated by forms in login_up.php3 and certain other files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.2.0_build20110407.20 |
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 includes a submitted password within an HTTP response body, which allows remote attackers to obtain sensitive information by sniffing the network, as demonstrated by password handling in client@2/domain@1/odbc/dsn@1/properties/.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.2.0_build20110407.20 |
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 does not include the HTTPOnly flag in a Set-Cookie header for a cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, as demonstrated by cookies used by get_password.php and certain other files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.2.0_build20110407.20 |
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 generates a password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass authentication by leveraging an unattended workstation, as demonstrated by forms in smb/my-profile and certain other files.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-255,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.2.0_build20110407.20 |
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 generates web pages containing external links in response to GET requests with query strings for smb/app/search-data/catalogId/marketplace and certain other files, which makes it easier for remote attackers to obtain sensitive information by reading (1) web-server access logs or (2) web-server Referer logs, related to a "cross-domain Referer leakage" issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.2.0_build20110407.20 |
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 includes a database connection string within a web page, which allows remote attackers to obtain potentially sensitive information by reading this page, as demonstrated by client@2/domain@1/hosting/aspdotnet/.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.2.0_build20110407.20 |
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 has web pages containing e-mail addresses that are not intended for correspondence about the local application deployment, which allows remote attackers to obtain potentially sensitive information by reading a page, as demonstrated by smb/user/list and certain other files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.2.0_build20110407.20 |
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving smb/user/create and certain other files. NOTE: it is possible that only clients, not the Plesk product, could be affected by this issue.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.2.0_build20110407.20 |
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving smb/admin-home/featured-applications/ and certain other files. NOTE: it is possible that only clients, not the Plesk product, could be affected by this issue.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.2.0_build20110407.20 |
Multiple cross-site scripting (XSS) vulnerabilities in the billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 allow remote attackers to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by admin/index.php/default and certain other files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.3.1_build1013110726.09 |
The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 does not disable the SSL 2.0 protocol, which makes it easier for remote attackers to conduct spoofing attacks by leveraging protocol weaknesses.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.3.1_build1013110726.09 |
The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 does not prevent the use of weak ciphers for SSL sessions, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a crafted CipherSuite list.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.3.1_build1013110726.09 |
The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 has web pages containing e-mail addresses that are not intended for correspondence about the local application deployment, which allows remote attackers to obtain potentially sensitive information by reading a page, as demonstrated by js/ajax/core/ajax.inc.js and certain other files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.3.1_build1013110726.09 |
The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 generates a password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass authentication by leveraging an unattended workstation, as demonstrated by forms on certain pages under admin/index.php/default.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-255,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.3.1_build1013110726.09 |
Multiple SQL injection vulnerabilities in Parallels Plesk Small Business Panel 10.2.0 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by domains/sitebuilder_edit.php and certain other files.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_small_business_panel | 10.2.0 |
Multiple cross-site scripting (XSS) vulnerabilities in Parallels Plesk Small Business Panel 10.2.0 allow remote attackers to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by smb/app/available/id/apscatalog/ and certain other files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_small_business_panel | 10.2.0 |
Parallels Plesk Small Business Panel 10.2.0 does not properly validate string data that is intended for storage in an XML document, which allows remote attackers to cause a denial of service (parsing error) or possibly have unspecified other impact via a crafted cookie, as demonstrated by cookies to client@1/domain@1/hosting/file-manager/ and certain other files.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_small_business_panel | 10.2.0 |
Parallels Plesk Small Business Panel 10.2.0 does not include the HTTPOnly flag in a Set-Cookie header for a cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, as demonstrated by cookies used by domains/sitebuilder_edit.php and certain other files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_small_business_panel | 10.2.0 |
Parallels Plesk Small Business Panel 10.2.0 generates a password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass authentication by leveraging an unattended workstation, as demonstrated by forms in smb/auth and certain other files.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-255,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_small_business_panel | 10.2.0 |
Parallels Plesk Small Business Panel 10.2.0 receives cleartext password input over HTTP, which allows remote attackers to obtain sensitive information by sniffing the network, as demonstrated by forms in smb/auth and certain other files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_small_business_panel | 10.2.0 |
Parallels Plesk Small Business Panel 10.2.0 generates web pages containing external links in response to GET requests with query strings for client@1/domain@1/hosting/file-manager/ and certain other files, which makes it easier for remote attackers to obtain sensitive information by reading (1) web-server access logs or (2) web-server Referer logs, related to a "cross-domain Referer leakage" issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_small_business_panel | 10.2.0 |
Parallels Plesk Small Business Panel 10.2.0 has web pages containing e-mail addresses that are not intended for correspondence about the local application deployment, which allows remote attackers to obtain potentially sensitive information by reading a page, as demonstrated by smb/email-address/list and certain other files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_small_business_panel | 10.2.0 |
Parallels Plesk Small Business Panel 10.2.0 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving domains/sitebuilder_edit.php and certain other files. NOTE: it is possible that only clients, not the SmarterStats product, could be affected by this issue.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_small_business_panel | 10.2.0 |
Parallels Plesk Small Business Panel 10.2.0 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving smb/app/top-categories-data/ and certain other files. NOTE: it is possible that only clients, not the SmarterStats product, could be affected by this issue.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_small_business_panel | 10.2.0 |
Multiple SQL injection vulnerabilities in the Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by Wizard/Edit/Html and certain other files.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_small_business_panel | 10.2.0 |
Multiple cross-site scripting (XSS) vulnerabilities in the Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 allow remote attackers to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by Wizard/Edit/Modules/Image and certain other files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_small_business_panel | 10.2.0 |
The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 does not include the HTTPOnly flag in a Set-Cookie header for a cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, as demonstrated by cookies used by Wizard/Edit/Modules/ImageGallery/MultiImagesUpload and certain other files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_small_business_panel | 10.2.0 |
The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 allows remote attackers to obtain ASP source code via a direct request to wysiwyg/fckconfig.js. NOTE: CVE disputes this issue because ASP is only used in a JavaScript comment
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_small_business_panel | 10.2.0 |
The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 has web pages containing e-mail addresses that are not intended for correspondence about the local application deployment, which allows remote attackers to obtain potentially sensitive information by reading a page, as demonstrated by js/Wizard/Status.js and certain other files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_small_business_panel | 10.2.0 |
The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving Wizard/Edit/Modules/Image and certain other files. NOTE: it is possible that only clients, not the Plesk product, could be affected by this issue.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_small_business_panel | 10.2.0 |
Multiple cross-site scripting (XSS) vulnerabilities in the Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 allow remote attackers to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by admin/update/settings/ and certain other files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.4.4_build20111103.18 |
Cross-site scripting (XSS) vulnerability in the Site Editor (aka SiteBuilder) feature in Parallels Plesk Panel 10.4.4_build20111103.18 allows remote attackers to inject arbitrary web script or HTML via the login parameter to preferences.html.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.4.4_build20111103.18 |
SQL injection vulnerability in the Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 allows remote attackers to execute arbitrary SQL commands via a certificateslist cookie to notification@/.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.4.4_build20111103.18 |
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 includes a submitted password within an HTTP response body, which allows remote attackers to obtain sensitive information by sniffing the network, as demonstrated by password handling in certain files under client@1/domain@1/backup/local-repository/.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.4.4_build20111103.18 |
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session, as demonstrated by cookies used by help.php and certain other files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.4.4_build20111103.18 |
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 does not include the HTTPOnly flag in a Set-Cookie header for a cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, as demonstrated by cookies used by help.php and certain other files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.4.4_build20111103.18 |
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 generates a password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass authentication by leveraging an unattended workstation, as demonstrated by forms in server/google-tools/ and certain other files.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-255,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.4.4_build20111103.18 |
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 generates web pages containing external links in response to GET requests with query strings for enterprise/mobile-monitor/ and certain other files, which makes it easier for remote attackers to obtain sensitive information by reading (1) web-server access logs or (2) web-server Referer logs, related to a "cross-domain Referer leakage" issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.4.4_build20111103.18 |
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 includes an RFC 1918 IP address within a web page, which allows remote attackers to obtain potentially sensitive information by reading this page, as demonstrated by smb/user/list-data/items-per-page/ and certain other files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.4.4_build20111103.18 |
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 does not ensure that Content-Type HTTP headers match the corresponding Content-Type data in HTML META elements, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving the get_enabled_product_icon program. NOTE: it is possible that only clients, not the Plesk product, could be affected by this issue.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.4.4_build20111103.18 |
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving admin/customer-service-plan/list/reset-search/true/ and certain other files. NOTE: it is possible that only clients, not the Plesk product, could be affected by this issue.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.4.4_build20111103.18 |
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving admin/health/parameters and certain other files. NOTE: it is possible that only clients, not the Plesk product, could be affected by this issue.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 10.4.4_build20111103.18 |
SQL injection vulnerability in admin/plib/api-rpc/Agent.php in Parallels Plesk Panel 7.x and 8.x before 8.6 MU#2, 9.x before 9.5 MU#11, 10.0.x before MU#13, 10.1.x before MU#22, 10.2.x before MU#16, and 10.3.x before MU#5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild in March 2012.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 8.1 |
| parallels | parallels_plesk_panel | 9.5 |
| parallels | parallels_plesk_panel | 10.3.1 |
| parallels | parallels_plesk_panel | 9.5.4 |
| parallels | parallels_plesk_panel | 7.0 |
| parallels | parallels_plesk_panel | 9.0 |
| parallels | parallels_plesk_panel | 10.0.1 |
| parallels | parallels_plesk_panel | 9.2 |
| parallels | parallels_plesk_panel | 10.1.1 |
| parallels | parallels_plesk_panel | 7.6.1 |
| parallels | parallels_plesk_panel | 8.2 |
| parallels | parallels_plesk_panel | 8.3 |
| parallels | parallels_plesk_panel | 10.2.0 |
| parallels | parallels_plesk_panel | 9.3 |
| parallels | parallels_plesk_panel | 8.6 |
| parallels | parallels_plesk_panel | 8.0 |
| parallels | parallels_plesk_panel | 8.4 |
The suexec implementation in Parallels Plesk Panel 11.0.9 contains a cgi-wrapper whitelist entry, which allows user-assisted remote attackers to execute arbitrary PHP code via a request containing crafted environment variables.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 11.0.9 |
Untrusted search path vulnerability in /usr/local/psa/admin/sbin/wrapper in Parallels Plesk Panel 11.0.9 allows local users to gain privileges via a crafted PATH environment variable.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 11.0.9 |
The default configuration of Parallels Plesk Panel 9.0.x and 9.2.x on UNIX, and Small Business Panel 10.x on UNIX, has an improper ScriptAlias directive for phppath, which makes it easier for remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2012-1823.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 9.2 |
| parallels | parallels_small_business_panel | 10.0 |
| parallels | parallels_plesk_panel | 9.0 |
In the web interface of Parallels Remote Application Server (RAS) 15.5 Build 16140, a vulnerability exists due to improper validation of the file path when requesting a resource under the "RASHTML5Gateway" directory. A remote, unauthenticated attacker could exploit this weakness to read arbitrary files from the vulnerable system using path traversal sequences.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | remote_application_server | 15.5 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop version 14.1.3 (45485). An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Parallels Service. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of root. Was ZDI-CAN-8685.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-77,CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 14.1.3 |
Parallels Plesk Panel 9.5 allows XSS in target/locales/tr-TR/help/index.htm? via the "fileName" parameter.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_plesk_panel | 9.5 |
Parallels Remote Application Server (RAS) 17.1.1 has a Business Logic Error causing remote code execution. It allows an authenticated user to execute any application in the backend operating system through the web application, despite the affected application not being published. In addition, it was discovered that it is possible to access any host in the internal domain, even if it has no published applications or the mentioned host is no longer associated with that server farm.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | remote_application_server | 17.1.1 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the hypervisor kernel extension. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-10030.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.3-47255. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handler for HOST_IOCTL_INIT_HYPERVISOR in the prl_hypervisor kext. The issue results from the exposure of dangerous method or function to the unprivileged user. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel. Was ZDI-CAN-10518.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N | 2.0 | 4.0 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-749,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.3-47255. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handler for HOST_IOCTL_SET_KERNEL_SYMBOLS in the prl_hypervisor kext. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. Was ZDI-CAN-10519.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-822,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.3-47255. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the prl_hypervisor kext. The issue results from the lack of proper validation of user-supplied data, which can result a pointer to be leaked after the handler is done. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel. Was ZDI-CAN-10520.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N | 2.0 | 4.0 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the OEMNet component. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-11132.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N | 1.5 | 4.0 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-129,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the prl_naptd process. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-11134.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-191,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the prl_hypervisor module. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. Was ZDI-CAN-11217.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the handling of network packets. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-11253.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the prl_hypervisor kext. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel. Was ZDI-CAN-11302.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N | 2.0 | 4.0 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-129,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the prl_hypervisor kext. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. Was ZDI-CAN-11303.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-129,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the prl_hypervisor kext. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-11304.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-129,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
This vulnerability allows local attackers to disclose sensitive informations on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the VGA virtual device. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated array. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-11363.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N | 1.5 | 4.0 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-129,CWE-129,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4 (47270). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the prl_hypervisor kext. By examining a log file, an attacker can disclose a memory address. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute code in the context of the kernel. Was ZDI-CAN-11063.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N | 2.0 | 4.0 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-732,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
Parallels Remote Application Server (RAS) 18 allows remote attackers to discover an intranet IP address because submission of the login form (even with blank credentials) provides this address to the attacker's client for use as a "host" value. In other words, after an attacker's web browser sent a request to the login form, it would automatically send a second request to a RASHTML5Gateway/socket.io URI with something like "host":"192.168.###.###" in the POST data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | remote_application_server | 18.0 |
Parallels 13 uses cleartext HTTP as part of the update process, allowing man-in-the-middle attacks. Users of out-of-date versions are presented with a pop-up window for a parallels_updates.xml file on the http://update.parallels.com web site.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-312,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels | 13 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.0-47107 . An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the VGA virtual device. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-9403.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.1-47117. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the xHCI component. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the hypervisor. Was ZDI-CAN-9428.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-125,CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the xHCI component. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-10031.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-367,CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the xHCI component. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-10032.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-190,CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the IOCTL handler. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. Was ZDI-CAN-10028.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-129,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the IOCTL handler. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel. Was ZDI-CAN-10029.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-129,CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
Parallels Remote Application Server (RAS) allows a local attacker to retrieve certain profile password in clear text format by uploading a previously stored cyphered file by Parallels RAS. The confidentiality, availability and integrity of the information of the user could be compromised if an attacker is able to recover the profile password.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N | 1.8 | 5.2 |
| cve-coordination@incibe.es | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N | 1.8 | 5.2 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-255,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | remote_application_server | * |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.0.1-48919. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-11926.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 16.0.1 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.0.1-48919. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-11924.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 16.0.1 |
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.0.1-48919. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-11925.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N | 2.0 | 4.0 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 16.0.1 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.0.1-48919. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-12021.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H | 1.1 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 16.0.1 |
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.0.1-48919. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-12068.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.2 | LOW | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N | 1.5 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 16.0.1 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.1-49141. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the current user on the host system. Was ZDI-CAN-12130.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 16.1.1 |
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4-47270. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-12131.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N | 2.0 | 4.0 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-908,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 15.1.4-47270 |
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4-47270. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-12221.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N | 2.0 | 4.0 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-908,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 15.1.4-47270 |
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4-47270. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-12136.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N | 2.0 | 4.0 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-908,CWE-908,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 15.1.4-47270 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.0-48950. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-12220.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-121,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 16.1.0-48950 |
This vulnerability allows local attackers to delete arbitrary files on affected installations of Parallels Desktop 16.1.1-49141. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete arbitrary files in the context of the hypervisor. Was ZDI-CAN-12129.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N | 1.5 | 4.0 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 16.1.1-49141 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.1-49141. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the e1000e virtual device. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-12527.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H | 0.8 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-367,CWE-367,CWE-667,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 16.1.1-49141 |
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-12528.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N | 1.5 | 4.0 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-908,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 15.1.5-47309 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Open Tools Gate component. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-12848.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-122,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 15.1.5-47309 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.2-49151. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Parallels Tools component. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel on the target guest system. Was ZDI-CAN-12790.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 16.1.2-49151 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.2-49151. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Parallels Tools component. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel on the target guest system. Was ZDI-CAN-12791.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 16.1.2-49151 |
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Open Tools Gate component. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13082.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.6 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N | 1.1 | 4.0 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-367,CWE-367,CWE-667,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 15.1.5-47309 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the IDE virtual device. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13186.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-122,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 15.1.5-47309 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the IDE virtual device. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13187.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-122,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 15.1.5-47309 |
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the IDE virtual device. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13188.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N | 1.5 | 4.0 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 15.1.5-47309 |
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the IDE virtual device. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13189.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N | 1.5 | 4.0 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 15.1.5-47309 |
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the IDE virtual device. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13190.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N | 1.5 | 4.0 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-125,CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 15.1.5-47309 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of user-supplied data, which can result in an uncontrolled memory allocation. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13544.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-789,CWE-770,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 16.1.3 |
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.1.3 (49160). An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13592.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N | 2.0 | 4.0 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-908,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 16.1.3 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the virtio-gpu virtual device. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13581.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 16.1.3 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13601.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 16.1.3 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the WinAppHelper component. The issue results from the lack of proper access control. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13543.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 16.1.3 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of user-supplied data, which can result in an uncontrolled memory allocation. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13672.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-789,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels | 16.1.3-49160 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of user-supplied data, which can result in an uncontrolled memory allocation. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13712.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-789,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels | 16.1.3-49160 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of user-supplied data, which can result in an uncontrolled memory allocation. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13797.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-789,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels | 16.1.3-49160 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.5.0 (49183). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Parallels Service. By creating a symbolic link, an attacker can abuse the service to execute a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-13932.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 16.5.0 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.5.1 (49187). An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the HDAudio virtual device. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-14969.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 16.5.1 |
Parallels H-Sphere 3.6.1713 allows XSS via the index_en.php from parameter.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | h-sphere | 3.6.2 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 17.1.1 (51537). An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the ACPI virtual device. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-16554.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 17.1.1_(51537) |
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 17.1.1 (51537). An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Parallels Tools component. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-16653.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 17.1.1_(51537) |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the update machanism. The product sets incorrect permissions on sensitive files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-16395.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 17.1.1 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the update machanism. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-16396.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 17.1.1 |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Parallels service. By creating a symbolic link, an attacker can abuse the service to execute a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-16134.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_access | 6.5.4_(39316) |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.3 (39313) Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Dispatcher service. The service loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-15213.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_access | 6.5.4_(39313) |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Parallels Service. The service executes files from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-16137.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_access | 6.5.4_(39316) |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Desktop Control Agent service. The service loads Qt plugins from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-15787.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_access | 6.5.4_(39316) |
The Web Client of Parallels Remote Application Server v18.0 is vulnerable to Host Header Injection attacks. This vulnerability allows attackers to execute arbitrary commands via a crafted payload injected into the Host header.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | remote_application_server | 18.0 |
Parallels Desktop Service Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Parallels Service. The issue results from the lack of proper initialization of environment variables. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-17751.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
Parallels Desktop Updater Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Updater service. By creating a symbolic link, an attacker can abuse the service to execute a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. . Was ZDI-CAN-18150.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Updater service. The issue results from the lack of proper initialization of environment variables. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. . Was ZDI-CAN-18229.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Updater service. The issue results from the lack of proper initialization of environment variables. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. . Was ZDI-CAN-18253.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
Parallels Desktop Toolgate Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user on the host system. . Was ZDI-CAN-18933.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
Parallels Desktop Toolgate Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user on the host system. Was ZDI-CAN-18964.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
Parallels Desktop Toolgate XML Injection Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of a user-supplied string before using it to construct an XML document. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-19187.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
The Remote Application Server in Parallels RAS before 19.2.23975 does not segment virtualized applications from the server, which allows a remote attacker to achieve remote code execution via standard kiosk breakout techniques.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 10.0 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | 3.9 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | remote_application_server | * |
Parallels Desktop Updater Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Updater service. By creating a symbolic link, an attacker can abuse the service to move arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. . Was ZDI-CAN-21227.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
Parallels Desktop virtio-gpu Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Parallels Desktop. User interaction is required to exploit this vulnerability in that the target in a guest system must visit a malicious page or open a malicious file. The specific flaw exists within the virtio-gpu virtual device. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the hypervisor. . Was ZDI-CAN-21260.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
Parallels Desktop Updater Improper Verification of Cryptographic Signature Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Updater service. The issue results from the lack of proper verification of a cryptographic signature. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. . Was ZDI-CAN-21817.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
A privilege escalation vulnerability exists in the virtual machine archive restoration functionality of Parallels Desktop for Mac version 20.1.1 (55740). When an archived virtual machine is restored, the prl_vmarchiver tool decompresses the file and writes the content back to its original location using root privileges. An attacker can exploit this process by using a hard link to write to an arbitrary file, potentially resulting in privilege escalation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| talos-cna@cisco.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 20.1.1_(55740) |
A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (build 55740). When a snapshot of a virtual machine is deleted, a root service verifies and modifies the ownership of the snapshot files. By using a symlink, an attacker can change the ownership of files owned by root to a lower-privilege user, potentially leading to privilege escalation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| talos-cna@cisco.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 20.1.1_(55740) |
A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (build 55740). When a snapshot of a virtual machine is taken, a root service writes to a file owned by a normal user. By using a hard link, an attacker can write to an arbitrary file, potentially leading to privilege escalation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| talos-cna@cisco.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 20.1.1_(55740) |
Parallels Desktop Updater Protection Mechanism Failure Software Downgrade Vulnerability. This vulnerability allows local attackers to downgrade Parallels software on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Updater service. The issue results from the lack of proper validation of version information before performing an update. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-19481.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
Parallels Desktop Toolgate Heap-based Buffer Overflow Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user on the host system. Was ZDI-CAN-20450.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
Improper privilege management vulnerability in Parallels Desktop Software, which affects versions earlier than 19.3.0. An attacker could add malicious code in a script and populate the BASH_ENV environment variable with the path to the malicious script, executing on application startup. An attacker could exploit this vulnerability to escalate privileges on the system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-coordination@incibe.es | 7.7 | HIGH | CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N | 1.3 | 5.8 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | * |
Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Technical Data Reporter component. By creating a symbolic link, an attacker can abuse the service to change the permissions of arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-25014.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | remote_application_server | * |
| parallels | parallels | * |
A directory traversal vulnerability exists in the PVMP package unpacking functionality of Parallels Desktop for Mac version 20.2.2 (55879). This vulnerability can be exploited by an attacker to write to arbitrary files, potentially leading to privilege escalation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| talos-cna@cisco.com | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| parallels | parallels_desktop | 20.2.2_(55879) |