{"short":"Citrix Workspace App contains vulnerability"}

CVE-2024-42423
6.1MEDIUM

Key Information

Vendor
Dell
Status
Wyse Proprietary Os (modern Thinos)
Vendor
CVE Published:
10 September 2024

Summary

Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled for WebLogin. A local unauthenticated user with low privileges may potentially exploit this vulnerability to bypass existing controls and perform unauthorized actions leading to information disclosure and tampering.

Affected Version(s)

Wyse Proprietary OS (Modern ThinOS) = ThinOS 2311

Wyse Proprietary OS (Modern ThinOS) = ThinOS 2402

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
High
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published.

  • Vulnerability Reserved.

Collectors

NVD DatabaseMitre Database
.