CVE-2008-5107

medium

Description

The installation process for Citrix Presentation Server 4.5 and Desktop Server 1.0, when MSI logging is enabled, stores database credentials in MSI log files, which allows local users to obtain these credentials by reading the log files.

References

http://www.vupen.com/english/advisories/2008/0705/references

http://www.securityfocus.com/bid/28047

http://support.citrix.com/article/CTX116228

Details

Source: Mitre, NVD

Published: 2008-11-17

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 1.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.00103

Detections

Analytics