Citrix Password Manager Service Stored Secondary Credentials Disclosure

This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an application that is affected by an
information disclosure vulnerability.

Description :

Citrix Password Manager Service is installed on the remote host.

The version of Citrix Password Manager Service on the remote host is
reportedly affected by an information disclosure vulnerability
involving secondary credentials.

See also :

http://support.citrix.com/article/CTX120743

Solution :

Upgrade to Citrix Password Manager version 4.6 SP1 or later.

Risk factor :

Medium / CVSS Base Score : 4.0
(CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N)
CVSS Temporal Score : 3.0
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 40616 (citrix_pm_service.nasl)

Bugtraq ID: 35133

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now