Lucene search

[email protected]CVE-2001-0908

HistoryNov 21, 2001 - 5:00 a.m.

CVE-2001-0908

2001-11-2105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2001-0908

citrix metaframe

ip spoofing

network address translation

network security.

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.031 Low

EPSS

Percentile

90.9%

JSON

CITRIX Metaframe 1.8 logs the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through Network Address Translation (NAT).

CPENameOperatorVersion
citrix:metaframecitrix metaframeeq1.8

CPE	Name	Operator	Version
citrix:metaframe	citrix metaframe	eq	1.8

References

marc.info/?l=bugtraq&m=100638693315933&w=2

www.securityfocus.com/bid/3566

exchange.xforce.ibmcloud.com/vulnerabilities/7538

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.031 Low

EPSS

Percentile

90.9%

JSON