CVE-2024-42423
published 2024-09-10CVE-2024-42423: Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled for WebLogin. A local…
PriorityP433high7.1CVSS 3.1
AVLACLPRLUINSUCHIHAN
EPSS
0.15%
4.8th percentile
Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled for WebLogin. A local unauthenticated user with low privileges may potentially exploit this vulnerability to bypass existing controls and perform unauthorized actions leading to information disclosure and tampering.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citrix | citrix_workspace | — | — |
| citrix | workspace | — | — |
| dell | wyse_proprietary_os | — | — |
| dell | wyse_proprietary_os | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-8g2h-4x5w-4v4p: Citrix Workspace App version 23
ghsa_unreviewed·2024-09-10
CVE-2024-42423 [MEDIUM] CWE-863 GHSA-8g2h-4x5w-4v4p: Citrix Workspace App version 23
Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled for WebLogin. A local unauthenticated user with low privileges may potentially exploit this vulnerability to bypass existing controls and perform unauthorized actions leading to information disclosure and tampering.
Citrix
CVE-2024-42423: Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled for WebLogin
vendor_citrix·2024-09-10·CVSS 6.1
CVE-2024-42423 [MEDIUM] CWE-863 CVE-2024-42423: Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled for WebLogin
CVE-2024-42423: Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled for WebLogin. A local unauthenticated user with low privileges may potentially exploit this vulnerability to bypass existing controls and perform unauthorized actions leading to information disclosure and tampering.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-09-10
Published