Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2000-0244Citrix Metaframe vulnerability

4 documents4 sources
Severity
10.0CRITICALNVD
EPSS
2.7%
top 14.02%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Citrix MetaframeCitrix Winframe
Timeline
PublishedMar 29
Latest updateApr 30

Description

The Citrix ICA (Independent Computing Architecture) protocol uses weak encryption (XOR) for user authentication.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDcitrix/metaframe1.8+1
NVDcitrix/winframe3.5_1.8_for_windows_nt

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

1
GHSA
GHSA-c2cj-5326-gh33: The Citrix ICA (Independent Computing Architecture) protocol uses weak encryption (XOR) for user authentication2022-04-30

💥Exploits & PoCs

1
Exploit-DB
Citrix Metaframe 1.0/1.8 - Weak Encryption2000-03-29

📋Vendor Advisories

1
Citrix
CVE-2000-0244: The Citrix ICA (Independent Computing Architecture) protocol uses weak encryption (XOR) for user authentication.2000-03-29