Описание
Citrix XenApp (formerly Presentation Server) 4.5 Hotfix Rollup Pack 3 does not apply an access policy when it is defined with the Access Gateway Advanced Edition filters, which allows attackers to bypass intended access restrictions via unknown vectors.
Ссылки
- Vendor Advisory
- PatchVendor Advisory
- Patch
- Patch
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- Patch
- Patch
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:citrix:presentation_server:4.5:-:se:*:*:*:*:*
cpe:2.3:a:citrix:presentation_server:4.5:-:windows_server_2003:*:*:*:*:*
cpe:2.3:a:citrix:presentation_server:4.5:-:windows_server_2003_x64:*:*:*:*:*
cpe:2.3:a:citrix:presentation_server:4.5:fp1:*:*:*:*:*:*
cpe:2.3:a:citrix:xenapp:4.5:fp3:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00727
Низкий
7.5 High
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
Citrix XenApp (formerly Presentation Server) 4.5 Hotfix Rollup Pack 3 does not apply an access policy when it is defined with the Access Gateway Advanced Edition filters, which allows attackers to bypass intended access restrictions via unknown vectors.
EPSS
Процентиль: 72%
0.00727
Низкий
7.5 High
CVSS2
Дефекты
CWE-264