PT-2007-7082 · Citrix · Citrix Netscaler

Nnposter

Publicado

2007-11-30

Atualizado

2018-10-15

CVE-2007-6192

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Citrix NetScaler version 8.0 build 47.8

Description The web management interface uses weak encryption to store credentials within a cookie, making it easier for remote attackers to obtain cleartext credentials when a cookie is captured via a known-plaintext attack.

Recommendations For Citrix NetScaler version 8.0 build 47.8, consider disabling the use of cookies for credential storage until a patch is available. Restrict access to the web management interface to minimize the risk of exploitation.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-310

Identificadores relacionados

CVE-2007-6192

Produtos afetados

Citrix Netscaler

PT-2007-7082 · Citrix · Citrix Netscaler

CVE-2007-6192

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6