CVE-2008-2299

critical

Description

Unspecified vulnerability in SecureICA and ICA Basic encryption of Citrix Presentation Server 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 can cause clients to use weaker encryption settings than configured by the administrator, which might allow attackers to bypass intended restrictions.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/42444

http://www.vupen.com/english/advisories/2008/1531/references

http://www.securitytracker.com/id?1020026

http://www.securityfocus.com/bid/29233

http://support.citrix.com/article/CTX114893

http://secunia.com/advisories/30271

Details

Source: Mitre, NVD

Published: 2008-05-18

Updated: 2017-08-08

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical