Citrix MetaFrame Server Detection

medium Nessus Network Monitor Plugin ID 2809

Synopsis

The remote host may give an attacker information useful for future attacks.

Description

The remote host is running Citrix MetaFrame Server. Citrix MetaFrame is a web-based application that allows and facilitates connections to other systems. There is a flaw in many versions of Citrix MetaFrame that allows authenticated users to elevate access by creating macros within Microsoft Office documents.

Solution

Ensure that this instance of Citrix MetaFrame is allowed with respect to corporate policies and guidelines. In addition, ensure that the Citrix MetaFrame server is patched to the latest revision.

Plugin Details

Severity: Medium

ID: 2809

Family: CGI

Published: 4/11/2005

Updated: 3/6/2019

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:H/RL:U/RC:X

Reference Information

BID: 13081

Detections

Analytics