Configuration Disclosure in Citrix Command Center
CVE-2015-2682

Currently unrated

Key Information:

Vendor
Citrix
Vendor
CVE Published:
26 March 2015

Summary

The vulnerability in Citrix Command Center allows remote attackers to access sensitive configuration files, specifically credentials stored in the security database. By making a direct request to the endpoint conf/securitydbData.xml, unauthorized users can retrieve this critical information, potentially compromising the security of affected systems. Proper security measures and updates are essential to mitigate this risk.

References

EPSS Score

41% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.