Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2024-8069 Limited remote code execution with privilege of a NetworkService Account access

🗓️ 12 Nov 2024 18:01:15Reported by CitrixType 
cvelist
 cvelist🔗 www.cve.org👁 35 Views

Limited remote code execution with NetworkService Account access in Citrix Session Recordin

Related
Affected
Refs
ReporterTitlePublishedViews
Family
BDU FSTEC		The vulnerability of the Session Recording software component, which is used for virtualizing and delivering Citrix Virtual Apps and Desktops (formerly XenApp and XenDesktop), allows a perpetrator to execute arbitrary code.
22 Nov 202400:00
bdu_fstec
Circl		CVE-2024-8069
12 Nov 202416:21
circl
CISA KEV Catalog		Citrix Session Recording Deserialization of Untrusted Data Vulnerability
25 Aug 202500:00
cisa_kev
CISA		 CISA Adds Three Known Exploited Vulnerabilities to Catalog
25 Aug 202512:00
cisa
CISA		 Citrix Releases Security Updates for NetScaler and Citrix Session Recording
12 Nov 202412:00
cisa
Tenable Nessus		Citrix Virtual Apps and Desktops Session Recording Multiple Vulnerabilities (CTX691941)
14 Nov 202400:00
nessus
CNNVD		Citrix Systems Virtual Apps and Desktops 安全漏洞
12 Nov 202400:00
cnnvd
Citrix		Citrix Session Recording Security Bulletin for CVE-2024-8068 and CVE-2024-8069
12 Nov 202407:00
citrix
CVE		CVE-2024-8069
12 Nov 202418:01
cve
NCSC		Vulnerabilities fixed in Citrix Session Recording
13 Nov 202408:51
ncsc
Rows per page
[
  {
    "defaultStatus": "unaffected",
    "product": "Citrix Session Recording",
    "vendor": "Citrix Session Recording",
    "versions": [
      {
        "lessThan": "24.5.200.8",
        "status": "affected",
        "version": "2407 Current Release",
        "versionType": "patch"
      },
      {
        "lessThan": "CU9 hotfix 19.12.9100.6",
        "status": "affected",
        "version": "1912 LTSR",
        "versionType": "patch"
      },
      {
        "lessThan": "CU5 hotfix 22.03.5100.11",
        "status": "affected",
        "version": "2203 LTSR",
        "versionType": "patch"
      },
      {
        "lessThan": "CU1 hotfix 24.02.1200.16",
        "status": "affected",
        "version": "2402 LTSR",
        "versionType": "patch"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
12 Nov 2024 18:01Current
CVSS 45.1
EPSS0.48286
CWE-502
cve-2024-8069remote code executionnetworkservice account accesscitrix session recordingauthenticated userintranetsecurity vulnerability
35