Access Control Vulnerability in Citrix Command Center
CVE-2015-2683

Currently unrated

Key Information:

Vendor
Citrix
Status
Command Center
Vendor
CVE Published:
26 March 2015

Summary

Citrix Command Center versions prior to 5.1 Build 35.4 and 5.2 before Build 42.7 expose the Advent Java Management Extensions (JMX) Servlet to improper access controls, allowing unauthorized remote attackers to execute arbitrary code. This vulnerability highlights the need for stringent access restrictions to prevent unauthorized interactions with critical server components and emphasizes the importance of maintaining up-to-date software to mitigate potential exploits.

References

http://www.securityfocus.com/archive/1/534933/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/bid/73313
vdb-entryx_refsource_BID
http://packetstormsecurity.com/files/130930/Citrx-Command...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.