Lucene search
HistoryFeb 16, 2023 - 6:15 p.m.
CVE-2023-24484
malicious user
log files
unauthorized writing
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
5.4 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.0%
A malicious user can cause log files to be written to a directory that they do not have permission to write to.
Affected configurations
Node
citrixworkspaceRange<2212-windows
ORcitrixworkspaceMatch1912-ltsrwindows
ORcitrixworkspaceMatch1912cu1ltsrwindows
ORcitrixworkspaceMatch1912cu1-hf1ltsrwindows
ORcitrixworkspaceMatch1912cu2ltsrwindows
ORcitrixworkspaceMatch1912cu3ltsrwindows
ORcitrixworkspaceMatch1912cu4ltsrwindows
ORcitrixworkspaceMatch1912cu5ltsrwindows
ORcitrixworkspaceMatch1912cu6ltsrwindows
ORcitrixworkspaceMatch2203.1-ltsrwindows
ORcitrixworkspaceMatch2203.1cu1ltsrwindows
Related
cvelist
cvelist
prion
prion
Directory traversal
2023-02-16 18:15:00
cve
cve
CVE-2023-24484
2023-02-16 18:15:11
nessus
nessus
Citrix Workspace App for Windows Multiple Vulnerabilities (CTX477617)
2023-02-17 00:00:00
citrix
citrix
cisa
cisa
malwarebytes
malwarebytes
Update now! February's Patch Tuesday tackles three zero-days
2023-02-15 03:00:00
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
5.4 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.0%
Related for NVD:CVE-2023-24484