PT-2024-29938 · Citrix+1 · Citrix Workspace App+1

Published: 2024-09-10 · Updated: 2024-09-20 · CVE-2024-42423

CVSS v3.1: 7.1 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions: Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311

Description: The issue is related to an Incorrect Authorization vulnerability when Citrix CEB is enabled for WebLogin. A local unauthenticated user with low privileges may potentially exploit this vulnerability to bypass existing controls and perform unauthorized actions, leading to information disclosure and tampering.

Recommendations: For Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311, consider disabling Citrix CEB for WebLogin as a temporary workaround to minimize the risk of exploitation. Restrict access to sensitive information and implement additional controls to prevent unauthorized actions until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Incorrect Authorization

Weakness Enumeration

Related Identifiers

CVE-2024-42423

Affected Products

Citrix Workspace App
Dell ThinOS