CVE-2022-21825
published 2022-02-09CVE-2022-21825: An Improper Access Control vulnerability exists in Citrix Workspace App for Linux 2012 - 2111 with App Protection installed that can allow an attacker to…
PriorityP337high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.22%
12.3th percentile
An Improper Access Control vulnerability exists in Citrix Workspace App for Linux 2012 - 2111 with App Protection installed that can allow an attacker to perform local privilege escalation.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citrix | citrix_workspace | — | — |
| citrix | citrix_workspace_app | — | — |
| citrix | workspace | — | — |
| citrix | workspace | >= 2012 < 2112 | 2112 |
| citrix | xenserver | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Citrix
CVE-2022-21825: An Improper Access Control vulnerability exists in Citrix Workspace App for Linux 2012 - 2111 with App Protection installed that can allow an attacker
vendor_citrix·2022-02-09·CVSS 7.8
CVE-2022-21825 [HIGH] CWE-284 CVE-2022-21825: An Improper Access Control vulnerability exists in Citrix Workspace App for Linux 2012 - 2111 with App Protection installed that can allow an attacker
CVE-2022-21825: An Improper Access Control vulnerability exists in Citrix Workspace App for Linux 2012 - 2111 with App Protection installed that can allow an attacker to perform local privilege escalation.
Citrix
Citrix Workspace App for Linux Security Update
vendor_citrix·CVSS 7.8
CVE-2022-21825 [HIGH] CWE-284 Citrix Workspace App for Linux Security Update
Citrix Workspace App for Linux Security Update
Vulnerability Type Pre-conditions CVE-2022-21825 Local privilege Escalation CWE-284: Improper Access Control Local user access to a system where Citrix Workspace App for Linux has been installed with App Protection. This vulnerability only affects Citrix Workspace app for Linux 2012 - 2111 and only exists if App Protection was installed as part of Citrix Workspace app for Linux. This vulnerability does not exist if App Protection is not installed. Citrix Workspace app for other platforms is not affected by this issue. Instructions This issue has been addressed in the following versions of Citrix Workspace app for Linux: Citrix Workspace App for Linux 2112 and later versions Citrix strongly recommends that affected customers upgrade to a
CVE
GHSA
GHSA-jhfm-vpj4-vj2f: An Improper Access Control vulnerability exists in Citrix Workspace App for Linux 2012 - 2111 with App Protection installed that can allow an attacker
ghsa_unreviewed·2022-02-11
CVE-2022-21825 [HIGH] CWE-284 GHSA-jhfm-vpj4-vj2f: An Improper Access Control vulnerability exists in Citrix Workspace App for Linux 2012 - 2111 with App Protection installed that can allow an attacker
An Improper Access Control vulnerability exists in Citrix Workspace App for Linux 2012 - 2111 with App Protection installed that can allow an attacker to perform local privilege escalation.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-02-09
Published