CVE-2024-42423 - CERT CVE

  1. CVE-2024-42423

ID CVE-2024-42423
Sažetak Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled for WebLogin. A local unauthenticated user with low privileges may potentially exploit this vulnerability to bypass existing controls and perform unauthorized actions leading to information disclosure and tampering.
Reference
CVSS
Base: 6.1
Impact: 4.2
Exploitability:1.8
Pristup
VektorSloženostAutentikacija
LOCAL LOW LOW
Impact
PovjerljivostCjelovitostDostupnost
HIGH LOW NONE
CVSS vektor CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Zadnje važnije ažuriranje 10-09-2024 - 15:50
Objavljeno 10-09-2024 - 15:15