Lucene search

[email protected]CVE-2001-0908

HistoryFeb 02, 2002 - 5:00 a.m.

CVE-2001-0908

2002-02-0205:00:00

[email protected]

web.nvd.nist.gov

cve-2001-0908

citrix metaframe

ip spoofing

network address translation

network security.

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

High

0.031 Low

EPSS

Percentile

91.0%

JSON

CITRIX Metaframe 1.8 logs the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through Network Address Translation (NAT).

Affected configurations

NVD

Node

citrixmetaframeMatch1.8

CPENameOperatorVersion
citrix:metaframecitrix metaframeeq1.8

CPE	Name	Operator	Version
citrix:metaframe	citrix metaframe	eq	1.8

References

marc.info/?l=bugtraq&m=100638693315933&w=2

www.securityfocus.com/bid/3566

exchange.xforce.ibmcloud.com/vulnerabilities/7538

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

High

0.031 Low

EPSS

Percentile

91.0%

JSON

Related for CVE-2001-0908

cvelist1 nvd1