Lucene search

[email protected]CVE-2023-24492

HistoryJul 11, 2023 - 10:15 p.m.

CVE-2023-24492

2023-07-1122:15:09

CWE-94

[email protected]

web.nvd.nist.gov

cve-2023-24492

citrix secure access

ubuntu

vulnerability

remote code execution

nvd

9.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.4%

JSON

A vulnerability has been discovered in the Citrix Secure Access client for Ubuntu which, if exploited, could allow an attacker to remotely execute code if a victim user opens an attacker-crafted link and accepts further prompts.

Affected configurations

NVD

Node

citrixsecure_access_clientRange<23.5.2

AND

canonicalubuntu_linuxMatch-

CPENameOperatorVersion
citrix:secure_access_clientcitrix secure access clientlt23.5.2

CPE	Name	Operator	Version
citrix:secure_access_client	citrix secure access client	lt	23.5.2

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Linux"
    ],
    "product": "Citrix Secure Access client for Ubuntu",
    "vendor": "Citrix",
    "versions": [
      {
        "lessThan": "23.5.2",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

References

support.citrix.com/article/CTX564169/citrix-secure-access-client-for-ubuntu-security-bulletin-for-cve202324492

9.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.4%

JSON

Related for CVE-2023-24492

prion1 cvelist1 citrix1 nvd1