Citrix MetaFrame Server Detection

Medium Nessus Network Monitor Plugin ID 2809

Synopsis

The remote host may give an attacker information useful for future attacks.

Description

The remote host is running Citrix MetaFrame Server. Citrix MetaFrame is a web-based application that allows and facilitates connections to other systems. There is a flaw in many versions of Citrix MetaFrame that allows authenticated users to elevate access by creating macros within Microsoft Office documents.

Solution

Ensure that this instance of Citrix MetaFrame is allowed with respect to corporate policies and guidelines. In addition, ensure that the Citrix MetaFrame server is patched to the latest revision.

Plugin Details

Severity: Medium

ID: 2809

File Name: 2809.prm

Family: CGI

Published: 2005/04/11

Modified: 2016/01/21

Dependencies: 1442

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5

Temporal Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:H/RL:U/RC:ND

CVSSv3

Base Score: 5.3

Temporal Score: 5.3

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS3#E:H/RL:U/RC:X

Reference Information

BID: 13081