CVE-2015-2682

Currently unrated

Key Information:

Vendor: Citrix
Status: Command Center
Vendor: CVE Published:; 26 March 2015

Summary

Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 allows remote attackers to obtain credentials via a direct request to conf/securitydbData.xml.

References

https://www.securify.nl/advisory/SFY20140802/citrix_comma...

x_refsource_MISC

http://seclists.org/fulldisclosure/2015/Mar/126

mailing-listx_refsource_FULLDISC

http://packetstormsecurity.com/files/130928/Citrix-Comman...

x_refsource_MISC

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 26, 2015
Vulnerability Reserved
Mar 23, 2015

Collectors

NVD DatabaseMitre Database