CVE-2023-24486

2023-07-1021:15:10

CWE-284

[email protected]

web.nvd.nist.gov

1847

cve-2023-24486

citrix

workspace app

linux

vulnerability

security

nvd

exploit

access

ica session

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

A vulnerability has been identified in Citrix Workspace app for Linux that, if exploited, may result in a malicious local user being able to gain access to the Citrix Virtual Apps and Desktops session of another user who is using the same computer from which the ICA session is launched.

Affected configurations

NVD

Node

citrixworkspaceRange<2302linux

CPENameOperatorVersion
citrix:workspacecitrix workspacelt2302

CPE	Name	Operator	Version
citrix:workspace	citrix workspace	lt	2302

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Linux"
    ],
    "product": "Citrix Workspace app for Linux",
    "vendor": "Citrix",
    "versions": [
      {
        "lessThan": "2302",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]