CVE-2006-6572Citrix Access Gateway vulnerability

5 documents3 sources
Severity
6.5MEDIUMNVD
EPSS
0.6%
top 30.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Citrix Access GatewayCitrix ADMCitrix Hypervisor+5 more
Timeline
PublishedDec 15
Latest updateMay 1

Description

Unspecified vulnerability in Citrix Advanced Access Control (AAC) Option 4.0, and Access Gateway 4.2 with Advanced Access Control 4.2, before 20061114, when the Browser-Only access feature is enabled, allows remote authenticated users to bypass access policies via a certain login method, a different issue than CVE-2006-4846. NOTE: some of these details are obtained from third party information.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 8.0 | Impact: 6.4

Affected Packages8 packages

NVDcitrix/access_gateway4.0, 4.2+1

Patches

Patch: securitytracker.comPatch: support.citrix.comPatch: securitytracker.com

🔴Vulnerability Details

1
GHSA
GHSA-rv56-6633-c83p: Unspecified vulnerability in Citrix Advanced Access Control (AAC) Option 42022-05-01

📋Vendor Advisories

3
Citrix
CVE-2006-6572: Unspecified vulnerability in Citrix Advanced Access Control (AAC) Option 4.0, and Access Gateway 4.2 with Advanced Access Control 4.2, before 200611142006-12-15
Citrix
Citrix Security Bulletin CTX111614
Citrix
Citrix Security Bulletin CTX111615