Citrix Workspace App Vulnerability Allows Bypass of GACS Policy Configuration Settings
CVE-2024-6148

8.8HIGH

Key Information:

Vendor: Citrix
Status: Citrix Workspace App For Html5
Vendor: CVE Published:; 10 July 2024

Summary

A vulnerability exists in Citrix Workspace app for HTML5 that enables an attacker to bypass GACS (Gateway Access Control Service) policy configuration settings. This flaw may allow unauthorized users to access sensitive resources. Proper management of GACS policies is critical to ensure that only authorized access to applications and data is maintained. Users of Citrix Workspace app are strongly advised to review their policy configurations and apply necessary updates to safeguard their systems. For detailed information regarding this vulnerability, refer to the official Citrix support article.

Affected Version(s)

Citrix Workspace app for HTML5 2404 < 1

References

https://support.citrix.com/article/CTX678037

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 10, 2024
Vulnerability Reserved
Jun 18, 2024