CVE-2008-2528

Unspecified vulnerability in Citrix Access Gateway Standard Edition 4.5.7 and earlier and Advanced Edition 4.5 HF2 and earlier allows attackers to bypass authentication and gain "access to network resources" via unspecified vectors.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://support.citrix.com/article/CTX116930	Patch
http://secunia.com/advisories/30175	Patch
http://www.securitytracker.com/id?1020025
http://www.securityfocus.com/bid/29174
http://www.vupen.com/english/advisories/2008/1474/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42356

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:citrix:access_gateway:::standard:::::*
	cpe:2.3:a:citrix:access_gateway::advanced:hf2:::::
	cpe:2.3:a:citrix:access_gateway:4.5.5::standard:::::
	cpe:2.3:a:citrix:access_gateway:4.5.6::standard:::::

Information

Published : 2008-06-03 08:32

Updated : 2017-08-07 18:31

NVD link : CVE-2008-2528

Mitre link : CVE-2008-2528

JSON object : View

CWE

NVD-CWE-noinfo CWE-287

Improper Authentication

Advertisement

Products Affected

citrix

access_gateway

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://support.citrix.com/article/CTX116930", "name": "http://support.citrix.com/article/CTX116930", "tags": ["Patch"], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/30175", "name": "30175", "tags": ["Patch"], "refsource": "SECUNIA"}, {"url": "http://www.securitytracker.com/id?1020025", "name": "1020025", "tags": [], "refsource": "SECTRACK"}, {"url": "http://www.securityfocus.com/bid/29174", "name": "29174", "tags": [], "refsource": "BID"}, {"url": "http://www.vupen.com/english/advisories/2008/1474/references", "name": "ADV-2008-1474", "tags": [], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42356", "name": "citrix-access-unspecified-auth-bypass(42356)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in Citrix Access Gateway Standard Edition 4.5.7 and earlier and Advanced Edition 4.5 HF2 and earlier allows attackers to bypass authentication and gain \"access to network resources\" via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-287"}, {"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2008-2528", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "acInsufInfo": true, "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2008-06-03T15:32Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:citrix:access_gateway:*:*:standard:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "4.5.7"}, {"cpe23Uri": "cpe:2.3:a:citrix:access_gateway:*:advanced:hf2:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "4.5"}, {"cpe23Uri": "cpe:2.3:a:citrix:access_gateway:4.5.5:*:standard:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:citrix:access_gateway:4.5.6:*:standard:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-08T01:31Z"}