PT-2020-18806 · Citrix · Edge Client For Linux

Published

2020-07-01

Updated

2021-07-21

CVE-2020-5908

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Edge Client for Linux versions 11.6.1 through 11.6.5.2 Edge Client for Linux versions 12.1.0 through 12.1.5

Description The issue exposes the full session ID in local log files, potentially allowing unauthorized access to sensitive information.

Recommendations For versions 11.6.1 through 11.6.5.2, consider restricting access to the local log files to minimize the risk of exploitation. For versions 12.1.0 through 12.1.5, consider restricting access to the local log files to minimize the risk of exploitation.

Fix

Insertion into Log File

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-532

Related Identifiers

CVE-2020-5908

Affected Products

Edge Client For Linux

PT-2020-18806 · Citrix · Edge Client For Linux

CVE-2020-5908

Weakness Enumeration

Related Identifiers

Affected Products

References · 4