Lucene search

[email protected]CVE-2008-2299

HistoryMay 18, 2008 - 2:20 p.m.

CVE-2008-2299

2008-05-1814:20:00

CWE-310

[email protected]

web.nvd.nist.gov

citrix

presentation server

secureica

ica basic encryption

cve-2008-2299

vulnerability

6.5 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

56.4%

JSON

Unspecified vulnerability in SecureICA and ICA Basic encryption of Citrix Presentation Server 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 can cause clients to use weaker encryption settings than configured by the administrator, which might allow attackers to bypass intended restrictions.

Affected configurations

NVD

Node

microsoftwindows_2003_server

AND

citrixpresentation_serverRange≤4.5

Node

citrixaccess_essentialsRange≤2.0

citrixdesktop_serverMatch1.0

CPENameOperatorVersion
citrix:presentation_servercitrix presentation serverle4.5

CPE	Name	Operator	Version
citrix:presentation_server	citrix presentation server	le	4.5

References

secunia.com/advisories/30271

support.citrix.com/article/CTX114893

www.securityfocus.com/bid/29233

www.securitytracker.com/id?1020026

www.vupen.com/english/advisories/2008/1531/references

exchange.xforce.ibmcloud.com/vulnerabilities/42444

6.5 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

56.4%

JSON

Related for CVE-2008-2299

prion1 nvd1 cvelist1 nessus1