CVE-2008-2299

Unspecified vulnerability in SecureICA and ICA Basic encryption of Citrix Presentation Server 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 can cause clients to use weaker encryption settings than configured by the administrator, which might allow attackers to bypass intended restrictions.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 60%
VendorProductVersion
citrixpresentation_server
𝑥
≤ 4.5
citrixaccess_essentials
𝑥
≤ 2.0
citrixdesktop_server
1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/30271
http://support.citrix.com/article/CTX114893
http://www.securityfocus.com/bid/29233
http://www.securitytracker.com/id?1020026
http://www.vupen.com/english/advisories/2008/1531/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42444
http://secunia.com/advisories/30271
http://support.citrix.com/article/CTX114893
http://www.securityfocus.com/bid/29233
http://www.securitytracker.com/id?1020026
http://www.vupen.com/english/advisories/2008/1531/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42444