Lucene search

MitreCVE-2008-2300

HistoryMay 18, 2008 - 2:20 p.m.

CVE-2008-2300

2008-05-1814:20:00

CWE-264

mitre

web.nvd.nist.gov

citrix

presentation server

access essentials

desktop server

remote access

unauthorized access

vulnerability

cve-2008-2300

nvd

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

6.2

Confidence

Low

EPSS

0.004

Percentile

73.6%

JSON

Unspecified vulnerability in Citrix Presentation Server 4.5 and earlier, Citrix Access Essentials 2.0 and earlier, and Citrix Desktop Server 1.0 allows remote authenticated users to access unauthorized desktops via unknown attack vectors.

Affected configurations

Nvd

Node

citrixaccess_essentialsRange≤2.0

citrixaccess_essentialsMatch1.0

citrixaccess_essentialsMatch1.5

citrixcitrix_presentation_serverRange≤4.5

citrixdesktop_serverMatch1.0

citrixmetaframe_presentation_serverMatch4.0

VendorProductVersionCPE
citrixaccess_essentials*cpe:2.3:a:citrix:access_essentials:*:*:*:*:*:*:*:*
citrixaccess_essentials1.0cpe:2.3:a:citrix:access_essentials:1.0:*:*:*:*:*:*:*
citrixaccess_essentials1.5cpe:2.3:a:citrix:access_essentials:1.5:*:*:*:*:*:*:*
citrixcitrix_presentation_server*cpe:2.3:a:citrix:citrix_presentation_server:*:*:*:*:*:*:*:*
citrixdesktop_server1.0cpe:2.3:a:citrix:desktop_server:1.0:*:*:*:*:*:*:*
citrixmetaframe_presentation_server4.0cpe:2.3:a:citrix:metaframe_presentation_server:4.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
citrix	access_essentials	*	cpe:2.3:a:citrix:access_essentials::::::::
citrix	access_essentials	1.0	cpe:2.3:a:citrix:access_essentials:1.0:::::::*
citrix	access_essentials	1.5	cpe:2.3:a:citrix:access_essentials:1.5:::::::*
citrix	citrix_presentation_server	*	cpe:2.3:a:citrix:citrix_presentation_server::::::::
citrix	desktop_server	1.0	cpe:2.3:a:citrix:desktop_server:1.0:::::::*
citrix	metaframe_presentation_server	4.0	cpe:2.3:a:citrix:metaframe_presentation_server:4.0:::::::*

References

secunia.com/advisories/30271

support.citrix.com/article/CTX116941

www.securityfocus.com/bid/29232

www.securitytracker.com/id?1020027

www.vupen.com/english/advisories/2008/1530/references

exchange.xforce.ibmcloud.com/vulnerabilities/42439

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

6.2

Confidence

Low

EPSS

0.004

Percentile

73.6%

JSON

Related for CVE-2008-2300