cvelistv5 - cve-2024-8069

CVE-2024-8069 (GCVE-0-2024-8069)

Vulnerability from cvelistv5 – Published: 2024-11-12 18:01 – Updated: 2025-10-21 22:55

CISA

Summary

Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server

Severity ?

5.1 (Medium)


                        
                          CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

CWE

CWE-502 - Deserialization of Untrusted Data

Assigner

Citrix

References

URL

Tags

https://support.citrix.com/s/article/CTX691941-ci…

Impacted products

	Vendor	Product	Version
	Citrix Session Recording	Citrix Session Recording	Affected: 2407 Current Release , < 24.5.200.8 (patch) Affected: 1912 LTSR , < CU9 hotfix 19.12.9100.6 (patch) Affected: 2203 LTSR , < CU5 hotfix 22.03.5100.11 (patch) Affected: 2402 LTSR , < CU1 hotfix 24.02.1200.16 (patch)

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

Date added: 2025-08-25

Due date: 2025-09-15

Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Used in ransomware: Unknown

Notes: https://support.citrix.com/external/article/691941/citrix-session-recording-security-bullet.html ; https://nvd.nist.gov/vuln/detail/CVE-2024-8069

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8069",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-26T03:55:21.218023Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2025-08-25",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-8069"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T22:55:36.857Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-8069"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2025-08-25T00:00:00+00:00",
            "value": "CVE-2024-8069 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Citrix Session Recording",
          "vendor": "Citrix Session Recording",
          "versions": [
            {
              "lessThan": "24.5.200.8",
              "status": "affected",
              "version": "2407 Current Release",
              "versionType": "patch"
            },
            {
              "lessThan": "CU9 hotfix 19.12.9100.6",
              "status": "affected",
              "version": "1912 LTSR",
              "versionType": "patch"
            },
            {
              "lessThan": "CU5 hotfix 22.03.5100.11",
              "status": "affected",
              "version": "2203 LTSR",
              "versionType": "patch"
            },
            {
              "lessThan": "CU1 hotfix 24.02.1200.16",
              "status": "affected",
              "version": "2402 LTSR",
              "versionType": "patch"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eLimited remote code execution with privilege of a NetworkService Account access\u0026nbsp;\u003c/span\u003ein\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCitrix Session Recording if the a\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ettacker is an authenticated user on the same intranet as the session recording server \u003c/span\u003e\u003c/span\u003e"
            }
          ],
          "value": "Limited remote code execution with privilege of a NetworkService Account access\u00a0in\u00a0Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server"
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-502",
              "description": "CWE-502 Deserialization of Untrusted Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-12T18:01:15.375Z",
        "orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
        "shortName": "Citrix"
      },
      "references": [
        {
          "url": "https://support.citrix.com/s/article/CTX691941-citrix-session-recording-security-bulletin-for-cve20248068-and-cve20248069?language=en_US"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Limited remote code execution with privilege of a NetworkService Account access",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
    "assignerShortName": "Citrix",
    "cveId": "CVE-2024-8069",
    "datePublished": "2024-11-12T18:01:15.375Z",
    "dateReserved": "2024-08-21T23:22:40.773Z",
    "dateUpdated": "2025-10-21T22:55:36.857Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2024-8069",
      "cwes": "[\"CWE-502\"]",
      "dateAdded": "2025-08-25",
      "dueDate": "2025-09-15",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://support.citrix.com/external/article/691941/citrix-session-recording-security-bullet.html ; https://nvd.nist.gov/vuln/detail/CVE-2024-8069",
      "product": "Session Recording",
      "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
      "shortDescription": "Citrix Session Recording contains a deserialization of untrusted data vulnerability that allows limited remote code execution with privilege of a NetworkService Account access. Attacker must be an authenticated user on the same intranet as the session recording server.",
      "vendorProject": "Citrix",
      "vulnerabilityName": "Citrix Session Recording Deserialization of Untrusted Data Vulnerability"
    },
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Limited remote code execution with privilege of a NetworkService Account access\\u00a0in\\u00a0Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server\"}, {\"lang\": \"es\", \"value\": \"Ejecuci\\u00f3n remota limitada de c\\u00f3digo con privilegio de acceso a una cuenta de servicio de red en la grabaci\\u00f3n de sesiones de Citrix si el atacante es un usuario autenticado en la misma intranet que el servidor de grabaci\\u00f3n de sesiones\"}]",
      "id": "CVE-2024-8069",
      "lastModified": "2024-11-13T17:01:16.850",
      "metrics": "{\"cvssMetricV40\": [{\"source\": \"secure@citrix.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"4.0\", \"vectorString\": \"CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\", \"baseScore\": 5.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"ADJACENT\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"vulnerableSystemConfidentiality\": \"LOW\", \"vulnerableSystemIntegrity\": \"LOW\", \"vulnerableSystemAvailability\": \"LOW\", \"subsequentSystemConfidentiality\": \"NONE\", \"subsequentSystemIntegrity\": \"NONE\", \"subsequentSystemAvailability\": \"NONE\", \"exploitMaturity\": \"NOT_DEFINED\", \"confidentialityRequirements\": \"NOT_DEFINED\", \"integrityRequirements\": \"NOT_DEFINED\", \"availabilityRequirements\": \"NOT_DEFINED\", \"modifiedAttackVector\": \"NOT_DEFINED\", \"modifiedAttackComplexity\": \"NOT_DEFINED\", \"modifiedAttackRequirements\": \"NOT_DEFINED\", \"modifiedPrivilegesRequired\": \"NOT_DEFINED\", \"modifiedUserInteraction\": \"NOT_DEFINED\", \"modifiedVulnerableSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedVulnerableSystemIntegrity\": \"NOT_DEFINED\", \"modifiedVulnerableSystemAvailability\": \"NOT_DEFINED\", \"modifiedSubsequentSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedSubsequentSystemIntegrity\": \"NOT_DEFINED\", \"modifiedSubsequentSystemAvailability\": \"NOT_DEFINED\", \"safety\": \"NOT_DEFINED\", \"automatable\": \"NOT_DEFINED\", \"recovery\": \"NOT_DEFINED\", \"valueDensity\": \"NOT_DEFINED\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\", \"providerUrgency\": \"NOT_DEFINED\"}}], \"cvssMetricV31\": [{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}]}",
      "published": "2024-11-12T18:15:47.603",
      "references": "[{\"url\": \"https://support.citrix.com/s/article/CTX691941-citrix-session-recording-security-bulletin-for-cve20248068-and-cve20248069?language=en_US\", \"source\": \"secure@citrix.com\"}]",
      "sourceIdentifier": "secure@citrix.com",
      "vulnStatus": "Awaiting Analysis",
      "weaknesses": "[{\"source\": \"secure@citrix.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-502\"}]}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-94\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-8069\",\"sourceIdentifier\":\"secure@citrix.com\",\"published\":\"2024-11-12T18:15:47.603\",\"lastModified\":\"2025-10-24T13:42:29.560\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Limited remote code execution with privilege of a NetworkService Account access\u00a0in\u00a0Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server\"},{\"lang\":\"es\",\"value\":\"Ejecuci\u00f3n remota limitada de c\u00f3digo con privilegio de acceso a una cuenta de servicio de red en la grabaci\u00f3n de sesiones de Citrix si el atacante es un usuario autenticado en la misma intranet que el servidor de grabaci\u00f3n de sesiones\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"secure@citrix.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":5.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"LOW\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.1,\"impactScore\":5.9}]},\"cisaExploitAdd\":\"2025-08-25\",\"cisaActionDue\":\"2025-09-15\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"Citrix Session Recording Deserialization of Untrusted Data Vulnerability\",\"weaknesses\":[{\"source\":\"secure@citrix.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:session_recording:*:*:*:*:-:*:*:*\",\"versionEndExcluding\":\"2407\",\"matchCriteriaId\":\"FCF54DB8-BBE4-4E48-9037-6FD0E3E3426E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:session_recording:1912:-:*:*:ltsr:*:*:*\",\"matchCriteriaId\":\"7F7F0822-5777-4970-A81F-2FECDE137E53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:session_recording:1912:cu1:*:*:ltsr:*:*:*\",\"matchCriteriaId\":\"E0A17B51-A720-4DB7-BF84-CE13B9517C91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:session_recording:1912:cu2:*:*:ltsr:*:*:*\",\"matchCriteriaId\":\"9BE1BBDB-B867-4B8D-AE55-24D09F0D4EF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:session_recording:1912:cu3:*:*:ltsr:*:*:*\",\"matchCriteriaId\":\"B4E177A4-F2AF-450F-AC8F-5609E586C654\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:session_recording:1912:cu4:*:*:ltsr:*:*:*\",\"matchCriteriaId\":\"86C686E6-2980-49B3-8229-09EB8F91EDCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:session_recording:1912:cu5:*:*:ltsr:*:*:*\",\"matchCriteriaId\":\"79E71D63-EB85-4305-8F9D-D1BF7EC71992\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:session_recording:1912:cu6:*:*:ltsr:*:*:*\",\"matchCriteriaId\":\"A46CDA97-3C7C-45B6-890E-9676F059CD88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:session_recording:1912:cu7:*:*:ltsr:*:*:*\",\"matchCriteriaId\":\"560A4530-C2D2-4631-A754-6DC97E3F29E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:session_recording:1912:cu8:*:*:ltsr:*:*:*\",\"matchCriteriaId\":\"A9650D15-919D-4F9E-A54D-9E5174D26B07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:session_recording:2203:-:*:*:ltsr:*:*:*\",\"matchCriteriaId\":\"C160123B-9BD5-4B7A-A516-F5A5F97FCC79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:session_recording:2203:cu1:*:*:ltsr:*:*:*\",\"matchCriteriaId\":\"3F507C4F-89AE-45DC-A849-44204AD06D09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:session_recording:2203:cu2:*:*:ltsr:*:*:*\",\"matchCriteriaId\":\"D40669E2-BE98-420B-98F0-10FBF2EA5E6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:session_recording:2203:cu3:*:*:ltsr:*:*:*\",\"matchCriteriaId\":\"72923D9A-96C8-40D7-A630-C3C143A7AEA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:session_recording:2203:cu4:*:*:ltsr:*:*:*\",\"matchCriteriaId\":\"133696EC-56AB-4B77-8CFE-C97550886037\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:session_recording:2402:-:*:*:ltsr:*:*:*\",\"matchCriteriaId\":\"34A32BF4-B379-46D9-AAE6-85680B5ECA42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:session_recording:2407:-:*:*:-:*:*:*\",\"matchCriteriaId\":\"272D5CE4-4A2F-4417-A274-711FF4115907\"}]}]}],\"references\":[{\"url\":\"https://support.citrix.com/s/article/CTX691941-citrix-session-recording-security-bulletin-for-cve20248068-and-cve20248069?language=en_US\",\"source\":\"secure@citrix.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-8069\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"affected\": [{\"defaultStatus\": \"unaffected\", \"product\": \"Citrix Session Recording\", \"vendor\": \"Citrix Session Recording\", \"versions\": [{\"lessThan\": \"24.5.200.8\", \"status\": \"affected\", \"version\": \"2407 Current Release\", \"versionType\": \"patch\"}, {\"lessThan\": \"CU9 hotfix 19.12.9100.6\", \"status\": \"affected\", \"version\": \"1912 LTSR\", \"versionType\": \"patch\"}, {\"lessThan\": \"CU5 hotfix 22.03.5100.11\", \"status\": \"affected\", \"version\": \"2203 LTSR\", \"versionType\": \"patch\"}, {\"lessThan\": \"CU1 hotfix 24.02.1200.16\", \"status\": \"affected\", \"version\": \"2402 LTSR\", \"versionType\": \"patch\"}]}], \"descriptions\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eLimited remote code execution with privilege of a NetworkService Account access\u0026nbsp;\u003c/span\u003ein\u0026nbsp;\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eCitrix Session Recording if the a\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003ettacker is an authenticated user on the same intranet as the session recording server \u003c/span\u003e\u003c/span\u003e\"}], \"value\": \"Limited remote code execution with privilege of a NetworkService Account access\\u00a0in\\u00a0Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server\"}], \"metrics\": [{\"cvssV4_0\": {\"Automatable\": \"NOT_DEFINED\", \"Recovery\": \"NOT_DEFINED\", \"Safety\": \"NOT_DEFINED\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"attackVector\": \"ADJACENT\", \"baseScore\": 5.1, \"baseSeverity\": \"MEDIUM\", \"privilegesRequired\": \"LOW\", \"providerUrgency\": \"NOT_DEFINED\", \"subAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N\", \"version\": \"4.0\", \"vulnAvailabilityImpact\": \"LOW\", \"vulnConfidentialityImpact\": \"LOW\", \"vulnIntegrityImpact\": \"LOW\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"format\": \"CVSS\", \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-502\", \"description\": \"CWE-502 Deserialization of Untrusted Data\", \"lang\": \"en\", \"type\": \"CWE\"}]}], \"providerMetadata\": {\"orgId\": \"e437aed5-38e0-4fa3-a98b-cb73e7acaec6\", \"shortName\": \"Citrix\", \"dateUpdated\": \"2024-11-12T18:01:15.375Z\"}, \"references\": [{\"url\": \"https://support.citrix.com/s/article/CTX691941-citrix-session-recording-security-bulletin-for-cve20248068-and-cve20248069?language=en_US\"}], \"source\": {\"discovery\": \"UNKNOWN\"}, \"title\": \"Limited remote code execution with privilege of a NetworkService Account access\", \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}}, \"adp\": [{\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-8069\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-08-26T03:55:21.218023Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2025-08-25\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-8069\"}}}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-8069\", \"tags\": [\"government-resource\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-13T15:33:45.562Z\"}, \"timeline\": [{\"time\": \"2025-08-25T00:00:00+00:00\", \"lang\": \"en\", \"value\": \"CVE-2024-8069 added to CISA KEV\"}], \"title\": \"CISA ADP Vulnrichment\"}]}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-8069\", \"assignerOrgId\": \"e437aed5-38e0-4fa3-a98b-cb73e7acaec6\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"Citrix\", \"dateReserved\": \"2024-08-21T23:22:40.773Z\", \"datePublished\": \"2024-11-12T18:01:15.375Z\", \"dateUpdated\": \"2025-10-21T19:44:14.555Z\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

WID-SEC-W-2024-3443

Vulnerability from csaf_certbund - Published: 2024-11-12 23:00 - Updated: 2025-08-25 22:00

Summary

Citrix Systems Virtual Apps and Desktops: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Citrix Virtual Apps and Desktops ist eine Lösung zur Anwendungsvirtualisierung.

Angriff

Ein Angreifer aus einem angrenzenden Netzwerk kann mehrere Schwachstellen in Citrix Systems Virtual Apps and Desktops ausnutzen, um seine Privilegien zu erhöhen und Code auszuführen.

Betroffene Betriebssysteme

- Linux - Sonstiges - UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Citrix Virtual Apps and Desktops ist eine L\u00f6sung zur Anwendungsvirtualisierung.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer aus einem angrenzenden Netzwerk kann mehrere Schwachstellen in Citrix Systems Virtual Apps and Desktops ausnutzen, um seine Privilegien zu erh\u00f6hen und Code auszuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-3443 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3443.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-3443 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3443"
      },
      {
        "category": "external",
        "summary": "Citrix Security Bulletin CTX691941 vom 2024-11-12",
        "url": "https://support.citrix.com/s/article/CTX691941-citrix-session-recording-security-bulletin-for-cve20248068-and-cve20248069?language=en_US"
      },
      {
        "category": "external",
        "summary": "PoC auf GitHub vom 2024-11-13",
        "url": "https://github.com/watchtowrlabs/Citrix-Virtual-Apps-XEN-Exploit"
      },
      {
        "category": "external",
        "summary": "CISA KEV Catalog vom 2025-08-26",
        "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
      }
    ],
    "source_lang": "en-US",
    "title": "Citrix Systems Virtual Apps and Desktops: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-08-25T22:00:00.000+00:00",
      "generator": {
        "date": "2025-08-26T06:55:20.757+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.4.0"
        }
      },
      "id": "WID-SEC-W-2024-3443",
      "initial_release_date": "2024-11-12T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-11-12T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-11-13T23:00:00.000+00:00",
          "number": "2",
          "summary": "PoC aufgenommen"
        },
        {
          "date": "2025-08-25T22:00:00.000+00:00",
          "number": "3",
          "summary": "Exploit aufgenommen"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c2407 hotfix 24.5.200.8",
                "product": {
                  "name": "Citrix Systems Virtual Apps and Desktops \u003c2407 hotfix 24.5.200.8",
                  "product_id": "T038968"
                }
              },
              {
                "category": "product_version",
                "name": "2407 hotfix 24.5.200.8",
                "product": {
                  "name": "Citrix Systems Virtual Apps and Desktops 2407 hotfix 24.5.200.8",
                  "product_id": "T038968-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:citrix:virtual_apps_and_desktops:2407_hotfix_24.5.200.8"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "1912 LTSR \u003cCU9 hotfix 19.12.9100.6",
                "product": {
                  "name": "Citrix Systems Virtual Apps and Desktops 1912 LTSR \u003cCU9 hotfix 19.12.9100.6",
                  "product_id": "T038970"
                }
              },
              {
                "category": "product_version",
                "name": "1912 LTSR CU9 hotfix 19.12.9100.6",
                "product": {
                  "name": "Citrix Systems Virtual Apps and Desktops 1912 LTSR CU9 hotfix 19.12.9100.6",
                  "product_id": "T038970-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:citrix:virtual_apps_and_desktops:1912_ltsr__cu9_hotfix_19.12.9100.6"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "2203 LTSR \u003cCU5 hotfix 22.03.5100.11",
                "product": {
                  "name": "Citrix Systems Virtual Apps and Desktops 2203 LTSR \u003cCU5 hotfix 22.03.5100.11",
                  "product_id": "T038971"
                }
              },
              {
                "category": "product_version",
                "name": "2203 LTSR CU5 hotfix 22.03.5100.11",
                "product": {
                  "name": "Citrix Systems Virtual Apps and Desktops 2203 LTSR CU5 hotfix 22.03.5100.11",
                  "product_id": "T038971-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:citrix:virtual_apps_and_desktops:2203_ltsr__cu5_hotfix_22.03.5100.11"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "2402 LTSR \u003cCU1 hotfix 24.02.1200.16",
                "product": {
                  "name": "Citrix Systems Virtual Apps and Desktops 2402 LTSR \u003cCU1 hotfix 24.02.1200.16",
                  "product_id": "T038972"
                }
              },
              {
                "category": "product_version",
                "name": "2402 LTSR CU1 hotfix 24.02.1200.16",
                "product": {
                  "name": "Citrix Systems Virtual Apps and Desktops 2402 LTSR CU1 hotfix 24.02.1200.16",
                  "product_id": "T038972-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:citrix:virtual_apps_and_desktops:2402_ltsr__cu1_hotfix_24.02.1200.16"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Virtual Apps and Desktops"
          }
        ],
        "category": "vendor",
        "name": "Citrix Systems"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-8068",
      "product_status": {
        "known_affected": [
          "T038968",
          "T038970",
          "T038972",
          "T038971"
        ]
      },
      "release_date": "2024-11-12T23:00:00.000+00:00",
      "title": "CVE-2024-8068"
    },
    {
      "cve": "CVE-2024-8069",
      "product_status": {
        "known_affected": [
          "T038968",
          "T038970",
          "T038972",
          "T038971"
        ]
      },
      "release_date": "2024-11-12T23:00:00.000+00:00",
      "title": "CVE-2024-8069"
    }
  ]
}

GHSA-WW66-45GM-65FM

Vulnerability from github – Published: 2024-11-12 18:31 – Updated: 2025-10-22 00:33

Details

Severity ?

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

5.1 (Medium)


                  
                    CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-8069"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502",
      "CWE-94"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-12T18:15:47Z",
    "severity": "MODERATE"
  },
  "details": "Limited remote code execution with privilege of a NetworkService Account access\u00a0in\u00a0Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server",
  "id": "GHSA-ww66-45gm-65fm",
  "modified": "2025-10-22T00:33:11Z",
  "published": "2024-11-12T18:31:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8069"
    },
    {
      "type": "WEB",
      "url": "https://support.citrix.com/s/article/CTX691941-citrix-session-recording-security-bulletin-for-cve20248068-and-cve20248069?language=en_US"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-8069"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

CERTFR-2024-AVI-0964

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Citrix. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Le CERT-FR a connaissance de codes d'exploitation publics pour les vulnérabilités CVE-2024-8068 et CVE-2024-8069.

Impacted products

Vendor	Product	Description
Citrix	NetScaler ADC	NetScaler ADC versions12.1-FIPS antérieures à 12.1-55.321
Citrix	NetScaler Gateway	NetScaler Gateway versions 14.1.x antérieures à 14.1-29.72
Citrix	NetScaler ADC	NetScaler ADC versions antérieures à 13.1-55.34
Citrix	Virtual Apps and Desktops	Virtual Apps and Desktops versions antérieures à 2407 avec le correctif de sécurité 24.5.200.8
Citrix	NetScaler Gateway	NetScaler Gateway versions antérieures à 13.1-55.34
Citrix	NetScaler ADC	NetScaler ADC versions 13.1-FIPS antérieures à 13.1-37.207
Citrix	NetScaler ADC	NetScaler ADC versions 12.1-NDcPP antérieures à 12.1-55.321
Citrix	NetScaler ADC	NetScaler ADC versions 14.1.x antérieures à 14.1-29.72
Citrix	Virtual Apps and Desktops	Citrix Virtual Apps and Desktops versions 2402 LTSR antérieures à CU1 hotfix 24.02.1200.16
Citrix	Virtual Apps and Desktops	Virtual Apps and Desktops versions 1912 LTSR antérieures à CU9 hotfix 19.12.9100.6
Citrix	Virtual Apps and Desktops	Virtual Apps and Desktops versions 2203 LTSR antérieures à CU5 hotfix 22.03.5100.11

References

Title

Publication Time

Tags

Bulletin de sécurité Citrix CTX691608	2024-11-12	vendor-advisory
Bulletin de sécurité Citrix CTX691941	2024-11-12	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "NetScaler ADC versions12.1-FIPS ant\u00e9rieures \u00e0 12.1-55.321",
      "product": {
        "name": "NetScaler ADC",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "NetScaler Gateway versions 14.1.x ant\u00e9rieures \u00e0 14.1-29.72",
      "product": {
        "name": "NetScaler Gateway",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "NetScaler ADC versions ant\u00e9rieures \u00e0 13.1-55.34",
      "product": {
        "name": "NetScaler ADC",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Virtual Apps and Desktops versions ant\u00e9rieures \u00e0 2407 avec le correctif de s\u00e9curit\u00e9 24.5.200.8",
      "product": {
        "name": "Virtual Apps and Desktops",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "NetScaler Gateway versions ant\u00e9rieures \u00e0 13.1-55.34",
      "product": {
        "name": "NetScaler Gateway",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "NetScaler ADC versions 13.1-FIPS ant\u00e9rieures \u00e0 13.1-37.207",
      "product": {
        "name": "NetScaler ADC",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "NetScaler ADC versions 12.1-NDcPP ant\u00e9rieures \u00e0 12.1-55.321",
      "product": {
        "name": "NetScaler ADC",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "NetScaler ADC versions 14.1.x ant\u00e9rieures \u00e0 14.1-29.72",
      "product": {
        "name": "NetScaler ADC",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Citrix Virtual Apps and Desktops versions 2402 LTSR ant\u00e9rieures \u00e0 CU1 hotfix 24.02.1200.16",
      "product": {
        "name": "Virtual Apps and Desktops",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Virtual Apps and Desktops versions 1912 LTSR ant\u00e9rieures \u00e0 CU9 hotfix 19.12.9100.6",
      "product": {
        "name": "Virtual Apps and Desktops",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Virtual Apps and Desktops versions 2203 LTSR ant\u00e9rieures \u00e0 CU5 hotfix 22.03.5100.11",
      "product": {
        "name": "Virtual Apps and Desktops",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "Le CERT-FR a connaissance de codes d\u0027exploitation publics pour les vuln\u00e9rabilit\u00e9s CVE-2024-8068 et CVE-2024-8069.",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-8535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8535"
    },
    {
      "name": "CVE-2024-8069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8069"
    },
    {
      "name": "CVE-2024-8534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8534"
    },
    {
      "name": "CVE-2024-8068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8068"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0964",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-11-12T00:00:00.000000"
    },
    {
      "description": "Le CERT-FR a connaissance de codes d\u0027exploitation publics",
      "revision_date": "2024-11-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Citrix. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Citrix",
  "vendor_advisories": [
    {
      "published_at": "2024-11-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX691608",
      "url": "https://support.citrix.com/s/article/CTX691608-netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20248534-and-cve20248535"
    },
    {
      "published_at": "2024-11-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX691941",
      "url": "https://support.citrix.com/s/article/CTX691941-citrix-session-recording-security-bulletin-for-cve20248068-and-cve20248069"
    }
  ]
}

CERTFR-2024-AVI-0964

Vulnerability from certfr_avis - Published: - Updated:

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Le CERT-FR a connaissance de codes d'exploitation publics pour les vulnérabilités CVE-2024-8068 et CVE-2024-8069.

Impacted products

Vendor	Product	Description
Citrix	NetScaler ADC	NetScaler ADC versions12.1-FIPS antérieures à 12.1-55.321
Citrix	NetScaler Gateway	NetScaler Gateway versions 14.1.x antérieures à 14.1-29.72
Citrix	NetScaler ADC	NetScaler ADC versions antérieures à 13.1-55.34
Citrix	Virtual Apps and Desktops	Virtual Apps and Desktops versions antérieures à 2407 avec le correctif de sécurité 24.5.200.8
Citrix	NetScaler Gateway	NetScaler Gateway versions antérieures à 13.1-55.34
Citrix	NetScaler ADC	NetScaler ADC versions 13.1-FIPS antérieures à 13.1-37.207
Citrix	NetScaler ADC	NetScaler ADC versions 12.1-NDcPP antérieures à 12.1-55.321
Citrix	NetScaler ADC	NetScaler ADC versions 14.1.x antérieures à 14.1-29.72
Citrix	Virtual Apps and Desktops	Citrix Virtual Apps and Desktops versions 2402 LTSR antérieures à CU1 hotfix 24.02.1200.16
Citrix	Virtual Apps and Desktops	Virtual Apps and Desktops versions 1912 LTSR antérieures à CU9 hotfix 19.12.9100.6
Citrix	Virtual Apps and Desktops	Virtual Apps and Desktops versions 2203 LTSR antérieures à CU5 hotfix 22.03.5100.11

References

Title

Publication Time

Tags

Bulletin de sécurité Citrix CTX691608	2024-11-12	vendor-advisory
Bulletin de sécurité Citrix CTX691941	2024-11-12	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "NetScaler ADC versions12.1-FIPS ant\u00e9rieures \u00e0 12.1-55.321",
      "product": {
        "name": "NetScaler ADC",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "NetScaler Gateway versions 14.1.x ant\u00e9rieures \u00e0 14.1-29.72",
      "product": {
        "name": "NetScaler Gateway",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "NetScaler ADC versions ant\u00e9rieures \u00e0 13.1-55.34",
      "product": {
        "name": "NetScaler ADC",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Virtual Apps and Desktops versions ant\u00e9rieures \u00e0 2407 avec le correctif de s\u00e9curit\u00e9 24.5.200.8",
      "product": {
        "name": "Virtual Apps and Desktops",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "NetScaler Gateway versions ant\u00e9rieures \u00e0 13.1-55.34",
      "product": {
        "name": "NetScaler Gateway",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "NetScaler ADC versions 13.1-FIPS ant\u00e9rieures \u00e0 13.1-37.207",
      "product": {
        "name": "NetScaler ADC",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "NetScaler ADC versions 12.1-NDcPP ant\u00e9rieures \u00e0 12.1-55.321",
      "product": {
        "name": "NetScaler ADC",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "NetScaler ADC versions 14.1.x ant\u00e9rieures \u00e0 14.1-29.72",
      "product": {
        "name": "NetScaler ADC",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Citrix Virtual Apps and Desktops versions 2402 LTSR ant\u00e9rieures \u00e0 CU1 hotfix 24.02.1200.16",
      "product": {
        "name": "Virtual Apps and Desktops",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Virtual Apps and Desktops versions 1912 LTSR ant\u00e9rieures \u00e0 CU9 hotfix 19.12.9100.6",
      "product": {
        "name": "Virtual Apps and Desktops",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Virtual Apps and Desktops versions 2203 LTSR ant\u00e9rieures \u00e0 CU5 hotfix 22.03.5100.11",
      "product": {
        "name": "Virtual Apps and Desktops",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "Le CERT-FR a connaissance de codes d\u0027exploitation publics pour les vuln\u00e9rabilit\u00e9s CVE-2024-8068 et CVE-2024-8069.",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-8535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8535"
    },
    {
      "name": "CVE-2024-8069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8069"
    },
    {
      "name": "CVE-2024-8534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8534"
    },
    {
      "name": "CVE-2024-8068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8068"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0964",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-11-12T00:00:00.000000"
    },
    {
      "description": "Le CERT-FR a connaissance de codes d\u0027exploitation publics",
      "revision_date": "2024-11-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Citrix. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Citrix",
  "vendor_advisories": [
    {
      "published_at": "2024-11-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX691608",
      "url": "https://support.citrix.com/s/article/CTX691608-netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20248534-and-cve20248535"
    },
    {
      "published_at": "2024-11-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX691941",
      "url": "https://support.citrix.com/s/article/CTX691941-citrix-session-recording-security-bulletin-for-cve20248068-and-cve20248069"
    }
  ]
}

NCSC-2024-0440

Vulnerability from csaf_ncscnl - Published: 2024-11-13 08:51 - Updated: 2024-11-13 08:51

Summary

Kwetsbaarheden verholpen in Citrix Session Recording

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten

Citrix heeft kwetsbaarheden verholpen in Citrix Session Recording

Interpretaties

Een kwaadwillende met beperkte rechten kan de kwetsbaarheden misbruiken om toegang te verkrijgen tot service accounts en willekeurige code uit te voeren op de server. Onderzoekers hebben Proof-of-Concept-code gepubliceerd, waarmee de kwetsbaarheid met kenmerk CVE-2024-8069 kan worden aangetoond. Het is goed gebruik een dergelijke interface niet publiek toegankelijk te hebben, maar af te steunen in een separate beheeromgeving.

Oplossingen

Citrix heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-502

Deserialization of Untrusted Data

CWE-269

Improper Privilege Management

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Citrix heeft kwetsbaarheden verholpen in Citrix Session Recording",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende met beperkte rechten kan de kwetsbaarheden misbruiken om toegang te verkrijgen tot service accounts en willekeurige code uit te voeren op de server.\n\nOnderzoekers hebben Proof-of-Concept-code gepubliceerd, waarmee de kwetsbaarheid met kenmerk CVE-2024-8069 kan worden aangetoond. Het is goed gebruik een dergelijke interface niet publiek toegankelijk te hebben, maar af te steunen in een separate beheeromgeving.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Citrix heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Deserialization of Untrusted Data",
        "title": "CWE-502"
      },
      {
        "category": "general",
        "text": "Improper Privilege Management",
        "title": "CWE-269"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Source - cveprojectv5",
        "url": "https://www.cve.org/CVERecord?id=CVE-2024-8068"
      },
      {
        "category": "external",
        "summary": "Source - cveprojectv5",
        "url": "https://www.cve.org/CVERecord?id=CVE-2024-8069"
      },
      {
        "category": "external",
        "summary": "Reference - ncscclear",
        "url": "https://support.citrix.com/s/article/CTX691941-citrix-session-recording-security-bulletin-for-cve20248068-and-cve20248069"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Citrix Session Recording",
    "tracking": {
      "current_release_date": "2024-11-13T08:51:17.257998Z",
      "id": "NCSC-2024-0440",
      "initial_release_date": "2024-11-13T08:51:17.257998Z",
      "revision_history": [
        {
          "date": "2024-11-13T08:51:17.257998Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "citrix_session_recording",
            "product": {
              "name": "citrix_session_recording",
              "product_id": "CSAFPID-1713500",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:citrix:citrix_session_recording:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "session_recording",
            "product": {
              "name": "session_recording",
              "product_id": "CSAFPID-1714876",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:citrix:session_recording:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "virtual_apps_and_desktops",
            "product": {
              "name": "virtual_apps_and_desktops",
              "product_id": "CSAFPID-219091",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:citrix:virtual_apps_and_desktops:1912:-:*:*:ltsr:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "virtual_apps_and_desktops",
            "product": {
              "name": "virtual_apps_and_desktops",
              "product_id": "CSAFPID-219098",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:citrix:virtual_apps_and_desktops:2203:-:*:*:ltsr:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "virtual_apps_and_desktops",
            "product": {
              "name": "virtual_apps_and_desktops",
              "product_id": "CSAFPID-1714608",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:citrix:virtual_apps_and_desktops:2402:*:*:*:ltsr:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "virtual_apps_and_desktops",
            "product": {
              "name": "virtual_apps_and_desktops",
              "product_id": "CSAFPID-1714609",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:citrix:virtual_apps_and_desktops:2407:-:*:*:cr:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "citrix"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "citrix_session_recording",
            "product": {
              "name": "citrix_session_recording",
              "product_id": "CSAFPID-1713517",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:citrix_session_recording:citrix_session_recording:*:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "citrix_session_recording"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-8068",
      "cwe": {
        "id": "CWE-269",
        "name": "Improper Privilege Management"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Privilege Management",
          "title": "CWE-269"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1713500",
          "CSAFPID-219098",
          "CSAFPID-219091"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-8068",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8068.json"
        }
      ],
      "title": "CVE-2024-8068"
    },
    {
      "cve": "CVE-2024-8069",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1713517",
          "CSAFPID-219091",
          "CSAFPID-219098"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-8069",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8069.json"
        }
      ],
      "title": "CVE-2024-8069"
    }
  ]
}

FKIE_CVE-2024-8069

Vulnerability from fkie_nvd - Published: 2024-11-12 18:15 - Updated: 2025-10-24 13:42

Severity ?

8.0 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	secure@citrix.com	https://support.citrix.com/s/article/CTX691941-citrix-session-recording-security-bulletin-for-cve20248068-and-cve20248069?language=en_US	Vendor Advisory
	134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-8069	US Government Resource

Impacted products

Vendor	Product	Version
citrix	session_recording	*
citrix	session_recording	1912
citrix	session_recording	1912
citrix	session_recording	1912
citrix	session_recording	1912
citrix	session_recording	1912
citrix	session_recording	1912
citrix	session_recording	1912
citrix	session_recording	1912
citrix	session_recording	1912
citrix	session_recording	2203
citrix	session_recording	2203
citrix	session_recording	2203
citrix	session_recording	2203
citrix	session_recording	2203
citrix	session_recording	2402
citrix	session_recording	2407

JSON

To clipboard

{
  "cisaActionDue": "2025-09-15",
  "cisaExploitAdd": "2025-08-25",
  "cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
  "cisaVulnerabilityName": "Citrix Session Recording Deserialization of Untrusted Data Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:citrix:session_recording:*:*:*:*:-:*:*:*",
              "matchCriteriaId": "FCF54DB8-BBE4-4E48-9037-6FD0E3E3426E",
              "versionEndExcluding": "2407",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:session_recording:1912:-:*:*:ltsr:*:*:*",
              "matchCriteriaId": "7F7F0822-5777-4970-A81F-2FECDE137E53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:session_recording:1912:cu1:*:*:ltsr:*:*:*",
              "matchCriteriaId": "E0A17B51-A720-4DB7-BF84-CE13B9517C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:session_recording:1912:cu2:*:*:ltsr:*:*:*",
              "matchCriteriaId": "9BE1BBDB-B867-4B8D-AE55-24D09F0D4EF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:session_recording:1912:cu3:*:*:ltsr:*:*:*",
              "matchCriteriaId": "B4E177A4-F2AF-450F-AC8F-5609E586C654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:session_recording:1912:cu4:*:*:ltsr:*:*:*",
              "matchCriteriaId": "86C686E6-2980-49B3-8229-09EB8F91EDCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:session_recording:1912:cu5:*:*:ltsr:*:*:*",
              "matchCriteriaId": "79E71D63-EB85-4305-8F9D-D1BF7EC71992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:session_recording:1912:cu6:*:*:ltsr:*:*:*",
              "matchCriteriaId": "A46CDA97-3C7C-45B6-890E-9676F059CD88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:session_recording:1912:cu7:*:*:ltsr:*:*:*",
              "matchCriteriaId": "560A4530-C2D2-4631-A754-6DC97E3F29E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:session_recording:1912:cu8:*:*:ltsr:*:*:*",
              "matchCriteriaId": "A9650D15-919D-4F9E-A54D-9E5174D26B07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:session_recording:2203:-:*:*:ltsr:*:*:*",
              "matchCriteriaId": "C160123B-9BD5-4B7A-A516-F5A5F97FCC79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:session_recording:2203:cu1:*:*:ltsr:*:*:*",
              "matchCriteriaId": "3F507C4F-89AE-45DC-A849-44204AD06D09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:session_recording:2203:cu2:*:*:ltsr:*:*:*",
              "matchCriteriaId": "D40669E2-BE98-420B-98F0-10FBF2EA5E6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:session_recording:2203:cu3:*:*:ltsr:*:*:*",
              "matchCriteriaId": "72923D9A-96C8-40D7-A630-C3C143A7AEA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:session_recording:2203:cu4:*:*:ltsr:*:*:*",
              "matchCriteriaId": "133696EC-56AB-4B77-8CFE-C97550886037",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:session_recording:2402:-:*:*:ltsr:*:*:*",
              "matchCriteriaId": "34A32BF4-B379-46D9-AAE6-85680B5ECA42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:session_recording:2407:-:*:*:-:*:*:*",
              "matchCriteriaId": "272D5CE4-4A2F-4417-A274-711FF4115907",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Limited remote code execution with privilege of a NetworkService Account access\u00a0in\u00a0Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server"
    },
    {
      "lang": "es",
      "value": "Ejecuci\u00f3n remota limitada de c\u00f3digo con privilegio de acceso a una cuenta de servicio de red en la grabaci\u00f3n de sesiones de Citrix si el atacante es un usuario autenticado en la misma intranet que el servidor de grabaci\u00f3n de sesiones"
    }
  ],
  "id": "CVE-2024-8069",
  "lastModified": "2025-10-24T13:42:29.560",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.1,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "ADJACENT",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 5.1,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "LOW",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "LOW",
          "vulnConfidentialityImpact": "LOW",
          "vulnIntegrityImpact": "LOW",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "secure@citrix.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-11-12T18:15:47.603",
  "references": [
    {
      "source": "secure@citrix.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.citrix.com/s/article/CTX691941-citrix-session-recording-security-bulletin-for-cve20248068-and-cve20248069?language=en_US"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-8069"
    }
  ],
  "sourceIdentifier": "secure@citrix.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-502"
        }
      ],
      "source": "secure@citrix.com",
      "type": "Secondary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-8069 (GCVE-0-2024-8069)

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

WID-SEC-W-2024-3443

GHSA-WW66-45GM-65FM

CERTFR-2024-AVI-0964

Solutions

CERTFR-2024-AVI-0964

Solutions

NCSC-2024-0440

FKIE_CVE-2024-8069

Tags

Sightings

Nomenclature