Lucene search

CitrixCTX583930

HistoryJan 16, 2024 - 1:03 p.m.

Citrix Session Recording Security Bulletin for CVE-2023-6184

2024-01-1613:03:36

support.citrix.com

citrix

session recording

vulnerability

rce

versions

2311

1912 ltsr

cu8

2203 ltsr

cu4

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

6.8

Confidence

Low

EPSS

0.001

Percentile

19.3%

JSON

A vulnerability has been discovered in Citrix Session Recording, which, if exploited, may result in an authenticated user being able to perform an RCE.

Affected Versions:

The following supported versions of Citrix Session Recording are affected by the vulnerability:

Current Release (CR)

Citrix Virtual Apps and Desktops before 2311

Long Term Service Release (LTSR)

Citrix Virtual Apps and Desktops 1912 LTSR before CU8 hotfix 19.12.8100.4
Citrix Virtual Apps and Desktops 2203 LTSR before CU4

Summary:

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

6.8

Confidence

Low

EPSS

0.001

Percentile

19.3%

JSON

Related for CTX583930