Описание
The Session Reliability Service (XTE) in Citrix MetaFrame Presentation Server 3.0, Presentation Server 4.0, and Access Essentials 1.0 and 1.5, allows remote attackers to bypass network security policies and connect to arbitrary TCP ports via a modified address:port string.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:citrix:access_essentials:1.0:*:*:*:*:*:*:*
cpe:2.3:a:citrix:access_essentials:1.5:*:*:*:*:*:*:*
cpe:2.3:a:citrix:metaframe:3.0:*:microsoft_windows_2000:*:*:*:*:*
cpe:2.3:a:citrix:metaframe:3.0:*:microsoft_windows_2003:*:*:*:*:*
cpe:2.3:a:citrix:metaframe:3.0:*:x64_edition:*:*:*:*:*
cpe:2.3:a:citrix:metaframe:4.0:*:microsoft_windows_2000:*:*:*:*:*
cpe:2.3:a:citrix:metaframe:4.0:*:microsoft_windows_2003:*:*:*:*:*
cpe:2.3:a:citrix:metaframe:4.0:*:x64_edition:*:*:*:*:*
EPSS
Процентиль: 87%
0.03485
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
The Session Reliability Service (XTE) in Citrix MetaFrame Presentation Server 3.0, Presentation Server 4.0, and Access Essentials 1.0 and 1.5, allows remote attackers to bypass network security policies and connect to arbitrary TCP ports via a modified address:port string.
EPSS
Процентиль: 87%
0.03485
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other