CVE-2001-0908

2002-02-0205:00:00

mitre

www.cve.org

6.5 Medium

AI Score

Confidence

High

0.031 Low

EPSS

Percentile

91.0%

JSON

CITRIX Metaframe 1.8 logs the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through Network Address Translation (NAT).

References

marc.info/?l=bugtraq&m=100638693315933&w=2

www.securityfocus.com/bid/3566

exchange.xforce.ibmcloud.com/vulnerabilities/7538