Users with only access to launch VDA applications can launch an unauthorized desktop
CVE-2023-24490
6.3MEDIUM
Key Information:
- Vendor
- Citrix
- Status
- Virtual Delivery Agents For Windows For Cvad And Citrix Daas Security
- Virtual Delivery Agents For Linux For Cvad And Citrix Daas Security
- Vendor
- CVE Published:
- 10 July 2023
Summary
Users with only access to launch VDA applications can launch an unauthorized desktop
Affected Version(s)
Virtual Delivery Agents for Linux for CVAD and Citrix DaaS Security Current Release (CR) 0 < 2305
Virtual Delivery Agents for Linux for CVAD and Citrix DaaS Security Long Term Service Release (LTSR) 0 < 2203 LTSR CU3
Virtual Delivery Agents for Linux for CVAD and Citrix DaaS Security Long Term Service Release (LTSR) 0
References
CVSS V3.1
Score:
6.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database