Local Credential Exposure in Citrix VDI-in-a-Box
CVE-2014-2690
Currently unrated
Summary
Citrix VDI-in-a-Box versions 5.3.x before 5.3.6 and 5.4.x before 5.4.3 contain a vulnerability that allows local users to gain unauthorized access to administrator credentials through log file reading. This could potentially lead to further exploitation of the system or elevated privileges. It is crucial for users to review their deployment and apply necessary patches to mitigate this risk.
References
Timeline
Vulnerability published
Vulnerability Reserved