FKIE_CVE-2008-2300

Vulnerability from fkie_nvd - Published: 2008-05-18 14:20 - Updated: 2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in Citrix Presentation Server 4.5 and earlier, Citrix Access Essentials 2.0 and earlier, and Citrix Desktop Server 1.0 allows remote authenticated users to access unauthorized desktops via unknown attack vectors.
References
cve@mitre.orghttp://secunia.com/advisories/30271Vendor Advisory
cve@mitre.orghttp://support.citrix.com/article/CTX116941
cve@mitre.orghttp://www.securityfocus.com/bid/29232
cve@mitre.orghttp://www.securitytracker.com/id?1020027
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/1530/references
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/42439
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30271Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.citrix.com/article/CTX116941
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/29232
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1020027
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1530/references
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/42439
Impacted products
Vendor Product Version
citrix access_essentials *
citrix access_essentials 1.0
citrix access_essentials 1.5
citrix citrix_presentation_server *
citrix desktop_server 1.0
citrix metaframe_presentation_server 4.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:citrix:access_essentials:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "96365CE2-22BF-408E-939F-22FFABF63061",
              "versionEndIncluding": "2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:access_essentials:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF9F197-991D-4920-BE9A-2E3495E76CD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:access_essentials:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "21B89150-1806-481D-B0D9-FD37BA4798D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:citrix_presentation_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A571EDD-12ED-4398-8AED-5916A4580294",
              "versionEndIncluding": "4.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:desktop_server:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "08AEEC3F-E8DD-4535-98D2-4CFD83439A69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:metaframe_presentation_server:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "15137D61-8E46-4F46-B475-098429A79484",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in Citrix Presentation Server 4.5 and earlier, Citrix Access Essentials 2.0 and earlier, and Citrix Desktop Server 1.0 allows remote authenticated users to access unauthorized desktops via unknown attack vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad sin especificar en Citrix Presentation Server 4.5 y anteriores, Citrix Access Essentials 2.0 y anteriores y Citrix Desktop Server 1.0 permite a atacantes autentificados remotamente acceder a escritorios no autorizados mediante vectores de ataque desconocidos."
    }
  ],
  "id": "CVE-2008-2300",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-05-18T14:20:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30271"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.citrix.com/article/CTX116941"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/29232"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1020027"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1530/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42439"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30271"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.citrix.com/article/CTX116941"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/29232"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020027"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1530/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42439"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.