PT-2009-2299 · Citrix · Citrix Web Interface

Published: 2009-06-08 · Updated: 2017-08-17 · CVE-2008-6830

CVSS v2.0: 4.0 (Medium)
Vector: AV:N/AC:H/Au:N/C:P/I:N/A:P
Name of the Vulnerable Software and Affected Versions: Citrix Web Interface versions 5.0 through 5.0.1
Description: The disconnection feature in the software does not properly terminate a user's web interface session. This allows attackers with access to the same browser instance to gain access to the user's Web Interface session, provided they also have valid credentials to the Web Interface.
Recommendations: For versions 5.0 through 5.0.1, consider implementing additional session termination measures or restricting access to the Web Interface to minimize the risk of unauthorized session access.

Fix

Related Identifiers

CVE-2008-6830

Affected Products

Citrix Web Interface