CVE-2008-5107

EUVD-2008-5086
The installation process for Citrix Presentation Server 4.5 and Desktop Server 1.0, when MSI logging is enabled, stores database credentials in MSI log files, which allows local users to obtain these credentials by reading the log files.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
1.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 28%
Affected Products (NVD)
VendorProductVersion
citrixdesktop_server
1.0
citrixpresentation_server
4.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://support.citrix.com/article/CTX116228
http://www.securityfocus.com/bid/28047
http://www.vupen.com/english/advisories/2008/0705/references
http://support.citrix.com/article/CTX116228
http://www.securityfocus.com/bid/28047
http://www.vupen.com/english/advisories/2008/0705/references