CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
13.2%
Vulnerabilities have been identified that, collectively, allow a standard Windows user to perform operations as SYSTEM on the computer running Citrix Workspace app.
Vendor | Product | Version | CPE |
---|---|---|---|
citrix | workspace | * | cpe:2.3:a:citrix:workspace:*:*:*:*:-:windows:*:* |
citrix | workspace | 1912 | cpe:2.3:a:citrix:workspace:1912:-:*:*:ltsr:windows:*:* |
citrix | workspace | 1912 | cpe:2.3:a:citrix:workspace:1912:cu1:*:*:ltsr:windows:*:* |
citrix | workspace | 1912 | cpe:2.3:a:citrix:workspace:1912:cu1-hf1:*:*:ltsr:windows:*:* |
citrix | workspace | 1912 | cpe:2.3:a:citrix:workspace:1912:cu2:*:*:ltsr:windows:*:* |
citrix | workspace | 1912 | cpe:2.3:a:citrix:workspace:1912:cu3:*:*:ltsr:windows:*:* |
citrix | workspace | 1912 | cpe:2.3:a:citrix:workspace:1912:cu4:*:*:ltsr:windows:*:* |
citrix | workspace | 1912 | cpe:2.3:a:citrix:workspace:1912:cu5:*:*:ltsr:windows:*:* |
citrix | workspace | 1912 | cpe:2.3:a:citrix:workspace:1912:cu6:*:*:ltsr:windows:*:* |
citrix | workspace | 2203.1 | cpe:2.3:a:citrix:workspace:2203.1:-:*:*:ltsr:windows:*:* |
[
{
"vendor": "Citrix",
"product": "Citrix Workspace App for Windows",
"versions": [
{
"version": "Citrix Workspace App versions",
"status": "affected",
"lessThan": "2212",
"versionType": "custom",
"changes": [
{
"at": "2203 LTSR before CU2 ",
"status": "unaffected"
},
{
"at": "1912 LTSR before CU7 Hotfix 2 (19.12.7002) ",
"status": "unaffected"
}
]
}
]
}
]