Access Control Vulnerability in Citrix Command Center
CVE-2015-2683

Currently unrated

Key Information:

Vendor: Citrix
Status: Command Center
Vendor: CVE Published:; 26 March 2015

What is CVE-2015-2683?

Citrix Command Center versions prior to 5.1 Build 35.4 and 5.2 before Build 42.7 expose the Advent Java Management Extensions (JMX) Servlet to improper access controls, allowing unauthorized remote attackers to execute arbitrary code. This vulnerability highlights the need for stringent access restrictions to prevent unauthorized interactions with critical server components and emphasizes the importance of maintaining up-to-date software to mitigate potential exploits.

References

http://www.securityfocus.com/archive/1/534933/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/73313

vdb-entryx_refsource_BID

http://packetstormsecurity.com/files/130930/Citrx-Command...

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 26, 2015
Vulnerability Reserved
Mar 23, 2015