Citrix Workspace App vulnerabilities

CVE-2024-7889 [HIGH] CWE-269 Citrix Workspace app for Windows Security Bulletin CVE-2024-7889 and CVE-2024-7890 Citrix Workspace app for Windows Security Bulletin CVE-2024-7889 and CVE-2024-7890 of Problem Two vulnerabilities have been discovered that impact the Citrix Workspace app for Windows. CVE References: CVE-2024-7889, CVE-2024-7890 Affected Products: Citrix Workspace app, XenServer, workspace Severity: High CVSS Score: 7.0 Remediation: Citrix strongly recommends that customers upgrade

CVE-2024-6148 [MEDIUM] CWE-276 Citrix Workspace app for HTML5 Security Bulletin CVE-2024-6148 and CVE-2024-6149 Citrix Workspace app for HTML5 Security Bulletin CVE-2024-6148 and CVE-2024-6149 of Problem Two vulnerabilities have been discovered that impact the Citrix Workspace app for HTML5. Refer to below for further details: CVE References: CVE-2024-6148, CVE-2024-6149 Affected Products: Citrix Workspace app, StoreFront, XenServer, storefront, workspace Severity: Medium CVSS Score: 5.3 Reme

CVE-2024-6286 [HIGH] CWE-269 Citrix Workspace app for Windows Security Bulletin CVE-2024-6286 Citrix Workspace app for Windows Security Bulletin CVE-2024-6286 of Problem A vulnerability has been discovered that impacts the Citrix Workspace app for Windows. Refer to below for further details: Details CVE References: CVE-2024-6286 Affected Products: Citrix Workspace app, XenServer Severity: High CVSS Score: 8.5 Remediation: Citrix strongly recommends that customers upgrade their Citrix Workspac

CVE-2023-24486 [MEDIUM] CWE-284 Citrix Workspace app for Linux Security Bulletin for CVE-2023-24486 Citrix Workspace app for Linux Security Bulletin for CVE-2023-24486 Vulnerability Type Pre-conditions CVE-2023-24486 Session takeover CWE-284: Improper Access Control Local user access to a system where another user is utilizing a vulnerable version of Citrix Workspace App for Linux to launch published desktops and applications This issue affects all supported versions of Citrix Workspace app for

CVE-2020-8299 [MEDIUM] CWE-284 Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP Edition appliance Security Update Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP Edition appliance Security Update CWE CVE References: CVE-2020-8299, CVE-2020-8300 Affected Products: Citrix ADC, Citrix Application Delivery Controller, Citrix Gateway, Citrix SD-WAN WANOP, Citrix Workspace App, NetScaler ADC, NetScaler Gateway, Workspace, XenServer Sever

CVE-2021-22907 [HIGH] CWE-284 Citrix Workspace App Security Update Citrix Workspace App Security Update of Problem A vulnerability has been identified that could result in a local user escalating their privilege level to SYSTEM on the computer running Citrix Workspace app for Windows. The vulnerability has the following identifier: CVE ID Description Vulnerability Type Pre-conditions CVE-2021-22907 Local privilege Escalation CWE-284: Improper Access Control Local user access to a system where C

CVE-2020-8207 [HIGH] Citrix Workspace app for Windows Security Update Citrix Workspace app for Windows Security Update of Problem A vulnerability has been identified in the automatic update service of Citrix Workspace app for Windows that could result in: A local user escalating their privilege level to that of an administrator on the computer running Citrix Workspace app for Windows. A remote compromise of the computer running Citrix Workspace app when Windows file sharing (SMB) is enabled. Th

CVE-2020-13884 [HIGH] Vulnerabilities in Citrix Workspace app and Receiver for Windows Vulnerabilities in Citrix Workspace app and Receiver for Windows of Problem Vulnerabilities have been identified in Citrix Workspace app and Citrix Receiver for Windows that could result in a local user escalating their privilege level to administrator during the uninstallation process. The issues have the following identifiers: CVE-2020-13884 CVE-2020-13885 These vulnerabilities affect supported versions of

CVE-2019-11634 [CRITICAL] CVE-2019-11634 - Remote Code Execution Vulnerability in Citrix Workspace app and Receiver for Windows CVE-2019-11634 - Remote Code Execution Vulnerability in Citrix Workspace app and Receiver for Windows of Problem A vulnerability has been identified in Citrix Workspace app and Receiver for Windows that could result in local drive access preferences not being enforced allowing an attacker read/write access to the clients local drives which could enable code execution o

CVE-2023-24484 [MEDIUM] CWE-284 Citrix Workspace app for Windows Security Bulletin for CVE-2023-24484 & CVE-2023-24485 Citrix Workspace app for Windows Security Bulletin for CVE-2023-24484 & CVE-2023-24485 Vulnerability Type Pre-conditions CVE-2023-24484 A malicious user can cause log files to be written to a directory that they do not have permission to write to. CWE-284: Improper Access Control Local user access to a system where a vulnerable version of Citrix Workspace App for Windows is