Cross-Site Request Forgery in Citrix Access Gateway Web Console
CVE-2007-4017

Currently unrated

Key Information:

Vendor: Citrix
Status: Access Gateway
Vendor: CVE Published:; 26 July 2007

Summary

A cross-site request forgery (CSRF) vulnerability exists in the web-based administration console of Citrix Access Gateway prior to firmware version 4.5.5. This flaw allows remote attackers to exploit the administration interface, potentially enabling them to make unauthorized configuration changes that could impact security or functionality. Proper mitigations and updates are crucial for protecting against such attacks.

References

http://www.vupen.com/english/advisories/2007/2583

vdb-entryx_refsource_VUPEN

http://support.citrix.com/article/CTX113817

x_refsource_CONFIRM

http://secunia.com/advisories/26143

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jul 26, 2007
Vulnerability Reserved
Jul 25, 2007