Session ID Exposure in Citrix Access Gateway Prior to Advanced Edition 4.5 HF1
CVE-2007-0011

Currently unrated

Key Information:

Vendor

Citrix
Status
Access Gateway
Vendor
CVE Published:
5 November 2007

What is CVE-2007-0011?

The Citrix Access Gateway's web portal interface fails to securely manage session identifiers by embedding them directly in the URL. This design flaw allows an attacker with access to logs, browser history, or cached information to expose sensitive session data, potentially leading to unauthorized access or session hijacking.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.vupen.com/english/advisories/2007/2583
vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/26143
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/24975
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.