Security Bypass in Citrix Advanced Access Control and Access Gateway
CVE-2006-6572

Currently unrated

Key Information:

Vendor: Citrix
Status: Access Gateway
Vendor: CVE Published:; 15 December 2006

Summary

An unspecified vulnerability exists in Citrix Advanced Access Control and Access Gateway products prior to the specified patch date. When the Browser-Only access feature is enabled, this weakness allows remote authenticated users to bypass established access policies using a particular login method. This issue is separate from other known vulnerabilities affecting Citrix products, highlighting the importance of consistent security assessments and updates.

References

http://securitytracker.com/id?1017227

vdb-entryx_refsource_SECTRACK

http://www.vupen.com/english/advisories/2006/4525

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/21080

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Dec 15, 2006
Vulnerability Reserved
Dec 14, 2006