Local user access to a system where another user is utilizing a vulnerable version of Citrix Workspace App for Linux to launch published desktops and applications

CVE-2023-24486

5.5MEDIUM

Key Information

Vendor: Citrix
Status: Citrix Workspace App For Linux
Vendor: CVE Published:; 10 July 2023

Summary

A vulnerability has been identified in Citrix Workspace app for Linux that, if exploited, may result in a malicious local user being able to gain access to the Citrix Virtual Apps and Desktops session of another user who is using the same computer from which the ICA session is launched.

Affected Version(s)

Citrix Workspace app for Linux < 2302

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Jul 10, 2023
Vulnerability Reserved.
Jan 24, 2023

Collectors

NVD DatabaseMitre Database