CVE-2022-1805

Published: Jul 28, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not fully verified by Zero Clients. The issue could be exploited by an adversary that places a MITM (Man in the Middle) between a zero client and AWS session provisioner in the network. This issue is only applicable when connecting to an Amazon Workspace from a PCoIP Zero Client.

Vendor	Product	Versions
n/a	Tera2 Zero Client	affected `Firmware version 22.04 and earlier`

References

https://support.hp.com/us-en/document/ish_6545906-6545930-16/hpsbhf03794

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-1805

Description

Affected Products

References