CVE-2008-2300

Unspecified vulnerability in Citrix Presentation Server 4.5 and earlier, Citrix Access Essentials 2.0 and earlier, and Citrix Desktop Server 1.0 allows remote authenticated users to access unauthorized desktops via unknown attack vectors.

CVSS v2.0 6.5 MEDIUM

6.5^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 8.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/30271	Vendor Advisory
http://support.citrix.com/article/CTX116941
http://www.securityfocus.com/bid/29232
http://www.securitytracker.com/id?1020027
http://www.vupen.com/english/advisories/2008/1530/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42439

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:citrix:access_essentials::::::::
	cpe:2.3:a:citrix:access_essentials:1.0:::::::*
	cpe:2.3:a:citrix:access_essentials:1.5:::::::*
	cpe:2.3:a:citrix:citrix_presentation_server::::::::
	cpe:2.3:a:citrix:desktop_server:1.0:::::::*
	cpe:2.3:a:citrix:metaframe_presentation_server:4.0:::::::*

History

No history.

Information

Published : 2008-05-18 14:20

Updated : 2023-12-10 10:51

NVD link : CVE-2008-2300

Mitre link : CVE-2008-2300

CVE.ORG link : CVE-2008-2300

JSON object : View

Products Affected

citrix

citrix_presentation_server
metaframe_presentation_server
access_essentials
desktop_server

CWE

CWE-264

Permissions, Privileges, and Access Controls

{"id": "CVE-2008-2300", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2008-05-18T14:20:00.000", "references": [{"url": "http://secunia.com/advisories/30271", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://support.citrix.com/article/CTX116941", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/29232", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1020027", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2008/1530/references", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42439", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Citrix Presentation Server 4.5 and earlier, Citrix Access Essentials 2.0 and earlier, and Citrix Desktop Server 1.0 allows remote authenticated users to access unauthorized desktops via unknown attack vectors."}, {"lang": "es", "value": "Vulnerabilidad sin especificar en Citrix Presentation Server 4.5 y anteriores, Citrix Access Essentials 2.0 y anteriores y Citrix Desktop Server 1.0 permite a atacantes autentificados remotamente acceder a escritorios no autorizados mediante vectores de ataque desconocidos."}], "lastModified": "2017-08-08T01:30:55.887", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:citrix:access_essentials:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96365CE2-22BF-408E-939F-22FFABF63061", "versionEndIncluding": "2.0"}, {"criteria": "cpe:2.3:a:citrix:access_essentials:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2FF9F197-991D-4920-BE9A-2E3495E76CD2"}, {"criteria": "cpe:2.3:a:citrix:access_essentials:1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21B89150-1806-481D-B0D9-FD37BA4798D1"}, {"criteria": "cpe:2.3:a:citrix:citrix_presentation_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A571EDD-12ED-4398-8AED-5916A4580294", "versionEndIncluding": "4.5"}, {"criteria": "cpe:2.3:a:citrix:desktop_server:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08AEEC3F-E8DD-4535-98D2-4CFD83439A69"}, {"criteria": "cpe:2.3:a:citrix:metaframe_presentation_server:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15137D61-8E46-4F46-B475-098429A79484"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}