Local user access to a system where another user is utilizing a vulnerable version of Citrix Workspace App for Linux to launch published desktops and applications
CVE-2023-24486

5.5MEDIUM

Key Information:

Vendor: Citrix
Status: Citrix Workspace App For Linux
Vendor: CVE Published:; 10 July 2023

What is CVE-2023-24486?

A vulnerability has been identified in Citrix Workspace app for Linux that, if exploited, may result in a malicious local user being able to gain access to the Citrix Virtual Apps and Desktops session of another user who is using the same computer from which the ICA session is launched.

Affected Version(s)

Citrix Workspace app for Linux Linux 0 < 2302

References

https://support.citrix.com/article/CTX477618/citrix-works...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 10, 2023
Vulnerability Reserved
Jan 24, 2023