Lucene search

MitreCVE-2007-4017

HistoryJul 26, 2007 - 1:30 a.m.

CVE-2007-4017

2007-07-2601:30:00

mitre

web.nvd.nist.gov

cve-2007-4017

cross-site request forgery

csrf

citrix access gateway

security

vulnerability

administration console

nvd.

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.025

Percentile

90.2%

JSON

Cross-site request forgery (CSRF) vulnerability in the web-based administration console in Citrix Access Gateway before firmware 4.5.5 allows remote attackers to perform certain configuration changes as administrators.

Affected configurations

Nvd

Node

citrixaccess_gatewayMatch4.5advanced

citrixaccess_gatewayMatch4.5standard

VendorProductVersionCPE
citrixaccess_gateway4.5cpe:2.3:a:citrix:access_gateway:4.5:*:advanced:*:*:*:*:*
citrixaccess_gateway4.5cpe:2.3:a:citrix:access_gateway:4.5:*:standard:*:*:*:*:*

Vendor	Product	Version	CPE
citrix	access_gateway	4.5	cpe:2.3:a:citrix:access_gateway:4.5::advanced:::::
citrix	access_gateway	4.5	cpe:2.3:a:citrix:access_gateway:4.5::standard:::::

References

osvdb.org/37841

secunia.com/advisories/26143

support.citrix.com/article/CTX113817

support.citrix.com/article/CTX114028

www.securityfocus.com/bid/24975

www.securitytracker.com/id?1018435

www.vupen.com/english/advisories/2007/2583

exchange.xforce.ibmcloud.com/vulnerabilities/35513

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.025

Percentile

90.2%

JSON

Related for CVE-2007-4017