Описание
CITRIX Metaframe 1.8 logs the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through Network Address Translation (NAT).
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:citrix:metaframe:1.8:*:*:*:*:*:*:*
EPSS
Процентиль: 70%
0.0064
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
CITRIX Metaframe 1.8 logs the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through Network Address Translation (NAT).
EPSS
Процентиль: 70%
0.0064
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other