CVE-2005-4412

2022-10-0316:22:45

mitre

www.cve.org

citrix

password

plaintext

gui

obfuscate

attackers

6.5 Medium

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

17.8%

JSON

Citrix Program Neighborhood client before 9.150 caches the user password in plaintext in the GUI while asterisks are used to visually obfuscate the password, which allows attackers with access to the session to obtain the password by using a tool to directly access the field.

References

securitytracker.com/id?1015372

support.citrix.com/article/CTX108108