CVE-2008-2300

Unspecified vulnerability in Citrix Presentation Server 4.5 and earlier, Citrix Access Essentials 2.0 and earlier, and Citrix Desktop Server 1.0 allows remote authenticated users to access unauthorized desktops via unknown attack vectors.

CVSS v2.0 6.5 MEDIUM

6.5^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 8.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://support.citrix.com/article/CTX116941
http://www.securityfocus.com/bid/29232
http://www.securitytracker.com/id?1020027
http://secunia.com/advisories/30271	Vendor Advisory
http://www.vupen.com/english/advisories/2008/1530/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42439

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:citrix:desktop_server:1.0:::::::*
	cpe:2.3:a:citrix:metaframe_presentation_server:4.0:::::::*
	cpe:2.3:a:citrix:access_essentials::::::::
	cpe:2.3:a:citrix:citrix_presentation_server::::::::
	cpe:2.3:a:citrix:access_essentials:1.0:::::::*
	cpe:2.3:a:citrix:access_essentials:1.5:::::::*

Information

Published : 2008-05-18 07:20

Updated : 2017-08-07 18:30

NVD link : CVE-2008-2300

Mitre link : CVE-2008-2300

JSON object : View

CWE

CWE-264

Permissions, Privileges, and Access Controls

Products Affected

citrix

access_essentials
desktop_server
citrix_presentation_server
metaframe_presentation_server

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://support.citrix.com/article/CTX116941", "name": "http://support.citrix.com/article/CTX116941", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/29232", "name": "29232", "tags": [], "refsource": "BID"}, {"url": "http://www.securitytracker.com/id?1020027", "name": "1020027", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/30271", "name": "30271", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.vupen.com/english/advisories/2008/1530/references", "name": "ADV-2008-1530", "tags": [], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42439", "name": "citrix-presentationserver-unauth-access(42439)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in Citrix Presentation Server 4.5 and earlier, Citrix Access Essentials 2.0 and earlier, and Citrix Desktop Server 1.0 allows remote authenticated users to access unauthorized desktops via unknown attack vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-264"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2008-2300", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}}, "publishedDate": "2008-05-18T14:20Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:citrix:desktop_server:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:citrix:metaframe_presentation_server:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:citrix:access_essentials:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "2.0"}, {"cpe23Uri": "cpe:2.3:a:citrix:citrix_presentation_server:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "4.5"}, {"cpe23Uri": "cpe:2.3:a:citrix:access_essentials:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:citrix:access_essentials:1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-08T01:30Z"}

6.5 /10