Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2008-2300

Unspecified vulnerability in Citrix Presentation Server 4.5 and earlier, Citrix Access Essentials 2.0 and earlier, and Citrix Desktop Server 1.0 allows remote authenticated users to access unauthorized desktops via unknown attack vectors.

Published

2008-05-18T14:20:00.000

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 6.5 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: SINGLE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

8.0

Impact Score

6.4

Weaknesses
  • Type: Primary
    CWE-264
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application citrix access_essentials ≤ 2.0 Yes
Application citrix access_essentials 1.0 Yes
Application citrix access_essentials 1.5 Yes
Application citrix citrix_presentation_server ≤ 4.5 Yes
Application citrix desktop_server 1.0 Yes
Application citrix metaframe_presentation_server 4.0 Yes
References