Privilege Escalation Vulnerability in Citrix Receiver
CVE-2019-18910

6.8MEDIUM

Key Information:

Vendor: HP
Status: Thinpro Linux
Vendor: CVE Published:; 22 November 2019

🔔 Create HP Vulnerability Alert

What is CVE-2019-18910?

The Citrix Receiver contains a vulnerability in its wrapper function that inadequately validates user-supplied input. This flaw can be exploited by an attacker to execute malicious commands with the privileges of a local user, potentially compromising sensitive data and system integrity. Proper validation measures are essential to mitigate these risks.

Affected Version(s)

ThinPro Linux 6.2

ThinPro Linux 6.2.1

ThinPro Linux 7.0

References

https://support.hp.com/us-en/document/c06509350

x_refsource_CONFIRM

http://seclists.org/fulldisclosure/2020/Mar/40

mailing-listx_refsource_FULLDISC

http://packetstormsecurity.com/files/156909/HP-ThinPro-6....

x_refsource_MISC

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 22, 2019
Vulnerability Reserved
Nov 12, 2019

.