CVE-2009-2453

EUVD-2009-2448
Citrix XenApp (formerly Presentation Server) 4.5 Hotfix Rollup Pack 3 does not apply an access policy when it is defined with the Access Gateway Advanced Edition filters, which allows attackers to bypass intended access restrictions via unknown vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 72%
Affected Products (NVD)
VendorProductVersion
citrixpresentation_server
4.5
citrixpresentation_server
4.5
citrixpresentation_server
4.5
citrixpresentation_server
4.5:fp1
citrixxenapp
4.5:fp3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/53900
http://secunia.com/advisories/34865
http://support.citrix.com/article/CTX118792
http://www.securityfocus.com/bid/34691
http://www.securitytracker.com/id?1022114
http://www.vupen.com/english/advisories/2009/1154
http://osvdb.org/53900
http://secunia.com/advisories/34865
http://support.citrix.com/article/CTX118792
http://www.securityfocus.com/bid/34691
http://www.securitytracker.com/id?1022114
http://www.vupen.com/english/advisories/2009/1154