Local Credential Exposure in Citrix VDI-in-a-Box
CVE-2014-2690

Currently unrated

Key Information:

Vendor
Citrix
Vendor
CVE Published:
15 April 2014

Summary

Citrix VDI-in-a-Box versions 5.3.x before 5.3.6 and 5.4.x before 5.4.3 contain a vulnerability that allows local users to gain unauthorized access to administrator credentials through log file reading. This could potentially lead to further exploitation of the system or elevated privileges. It is crucial for users to review their deployment and apply necessary patches to mitigate this risk.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.