Описание
Citrix EdgeSight 4.2 and 4.5 for Presentation Server, EdgeSight 4.2 and 4.5 for Endpoints, and EdgeSight for NetScaler 1.0 and 1.1 do not properly store database credentials in configuration files, which allows local users to obtain sensitive information.
Ссылки
- Vendor Advisory
- Patch
- ExploitPatch
- Vendor Advisory
- Patch
- ExploitPatch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:citrix:edgesight_for_endpoints:4.2:*:*:*:*:*:*:*
cpe:2.3:a:citrix:edgesight_for_endpoints:4.5:*:*:*:*:*:*:*
cpe:2.3:a:citrix:edgesight_for_netscaler:1.0:*:*:*:*:*:*:*
cpe:2.3:a:citrix:edgesight_for_netscaler:1.1:*:*:*:*:*:*:*
cpe:2.3:a:citrix:edgesight_for_presentation_server:4.2:*:*:*:*:*:*:*
cpe:2.3:a:citrix:edgesight_for_presentation_server:4.5:*:*:*:*:*:*:*
EPSS
Процентиль: 24%
0.00081
Низкий
2.1 Low
CVSS2
Дефекты
CWE-255
Связанные уязвимости
github
почти 4 года назад
Citrix EdgeSight 4.2 and 4.5 for Presentation Server, EdgeSight 4.2 and 4.5 for Endpoints, and EdgeSight for NetScaler 1.0 and 1.1 do not properly store database credentials in configuration files, which allows local users to obtain sensitive information.
EPSS
Процентиль: 24%
0.00081
Низкий
2.1 Low
CVSS2
Дефекты
CWE-255