{"api_version":"1","generated_at":"2026-04-23T04:08:39+00:00","cve":"CVE-2007-2850","urls":{"html":"https://cve.report/CVE-2007-2850","api":"https://cve.report/api/cve/CVE-2007-2850.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2007-2850","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2007-2850"},"summary":{"title":"CVE-2007-2850","description":"The Session Reliability Service (XTE) in Citrix MetaFrame Presentation Server 3.0, Presentation Server 4.0, and Access Essentials 1.0 and 1.5, allows remote attackers to bypass network security policies and connect to arbitrary TCP ports via a modified address:port string.","state":"PUBLISHED","assigner":"mitre","published_at":"2007-05-24 18:30:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"10","severity":"","vector":"AV:N/AC:L/Au:N/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://secunia.com/advisories/25371","name":"http://secunia.com/advisories/25371","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Citrix Products Session Reliability Service Security Bypass - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2007/1918","name":"http://www.vupen.com/english/advisories/2007/1918","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"inode/x-empty","httpstatus":"200","archivestatus":"200"},{"url":"http://fortconsult.net/files/fortconsult.dk/citrix_advisory.pdf","name":"http://fortconsult.net/files/fortconsult.dk/citrix_advisory.pdf","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"text/plain","httpstatus":"404","archivestatus":"404"},{"url":"http://support.citrix.com/article/CTX112964","name":"http://support.citrix.com/article/CTX112964","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Vulnerability in Citrix Presentation Server's Session Reliability service could result in network security policy bypass","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1018098","name":"http://www.securitytracker.com/id?1018098","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Citrix Presentation Server Session Reliability Flaw Lets Remote Users Bypass Security Policy Restrictions - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34448","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34448","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2007-2850","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-2850","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2007","cve_id":"2850","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"citrix","cpe5":"access_essentials","cpe6":"1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"2850","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"citrix","cpe5":"access_essentials","cpe6":"1.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"2850","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"citrix","cpe5":"metaframe","cpe6":"3.0","cpe7":"*","cpe8":"microsoft_windows_2000","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"2850","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"citrix","cpe5":"metaframe","cpe6":"3.0","cpe7":"*","cpe8":"microsoft_windows_2003","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"2850","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"citrix","cpe5":"metaframe","cpe6":"3.0","cpe7":"*","cpe8":"x64_edition","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"2850","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"citrix","cpe5":"metaframe","cpe6":"4.0","cpe7":"*","cpe8":"microsoft_windows_2000","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"2850","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"citrix","cpe5":"metaframe","cpe6":"4.0","cpe7":"*","cpe8":"microsoft_windows_2003","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"2850","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"citrix","cpe5":"metaframe","cpe6":"4.0","cpe7":"*","cpe8":"x64_edition","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T13:57:53.391Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"citrix-session-security-bypass(34448)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34448"},{"name":"25371","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/25371"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://support.citrix.com/article/CTX112964"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://fortconsult.net/files/fortconsult.dk/citrix_advisory.pdf"},{"name":"ADV-2007-1918","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2007/1918"},{"name":"1018098","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1018098"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2007-05-16T00:00:00.000Z","descriptions":[{"lang":"en","value":"The Session Reliability Service (XTE) in Citrix MetaFrame Presentation Server 3.0, Presentation Server 4.0, and Access Essentials 1.0 and 1.5, allows remote attackers to bypass network security policies and connect to arbitrary TCP ports via a modified address:port string."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-07-28T12:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"citrix-session-security-bypass(34448)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34448"},{"name":"25371","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/25371"},{"tags":["x_refsource_CONFIRM"],"url":"http://support.citrix.com/article/CTX112964"},{"tags":["x_refsource_MISC"],"url":"http://fortconsult.net/files/fortconsult.dk/citrix_advisory.pdf"},{"name":"ADV-2007-1918","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2007/1918"},{"name":"1018098","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1018098"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2007-2850","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The Session Reliability Service (XTE) in Citrix MetaFrame Presentation Server 3.0, Presentation Server 4.0, and Access Essentials 1.0 and 1.5, allows remote attackers to bypass network security policies and connect to arbitrary TCP ports via a modified address:port string."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"citrix-session-security-bypass(34448)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34448"},{"name":"25371","refsource":"SECUNIA","url":"http://secunia.com/advisories/25371"},{"name":"http://support.citrix.com/article/CTX112964","refsource":"CONFIRM","url":"http://support.citrix.com/article/CTX112964"},{"name":"http://fortconsult.net/files/fortconsult.dk/citrix_advisory.pdf","refsource":"MISC","url":"http://fortconsult.net/files/fortconsult.dk/citrix_advisory.pdf"},{"name":"ADV-2007-1918","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/1918"},{"name":"1018098","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1018098"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2007-2850","datePublished":"2007-05-24T18:00:00.000Z","dateReserved":"2007-05-24T00:00:00.000Z","dateUpdated":"2024-08-07T13:57:53.391Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2007-05-24 18:30:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:citrix:access_essentials:1.0:*:*:*:*:*:*:*","matchCriteriaId":"2FF9F197-991D-4920-BE9A-2E3495E76CD2"},{"vulnerable":true,"criteria":"cpe:2.3:a:citrix:access_essentials:1.5:*:*:*:*:*:*:*","matchCriteriaId":"21B89150-1806-481D-B0D9-FD37BA4798D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:citrix:metaframe:3.0:*:microsoft_windows_2000:*:*:*:*:*","matchCriteriaId":"0C88F86F-F07D-4C17-B5D5-EC8F1A69A65A"},{"vulnerable":true,"criteria":"cpe:2.3:a:citrix:metaframe:3.0:*:microsoft_windows_2003:*:*:*:*:*","matchCriteriaId":"5B4DBD3F-254D-4C25-9D7E-ECDEF7AED8BB"},{"vulnerable":true,"criteria":"cpe:2.3:a:citrix:metaframe:3.0:*:x64_edition:*:*:*:*:*","matchCriteriaId":"950A42AA-2FF6-4C8C-84A3-E4623D5258AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:citrix:metaframe:4.0:*:microsoft_windows_2000:*:*:*:*:*","matchCriteriaId":"CA262BAB-EFDB-4498-85CF-592517FC836D"},{"vulnerable":true,"criteria":"cpe:2.3:a:citrix:metaframe:4.0:*:microsoft_windows_2003:*:*:*:*:*","matchCriteriaId":"DF0B55D1-F942-4B6B-84AB-195A462B3119"},{"vulnerable":true,"criteria":"cpe:2.3:a:citrix:metaframe:4.0:*:x64_edition:*:*:*:*:*","matchCriteriaId":"048974DF-1A85-42F5-BD08-8B2D991B411E"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2007","CveId":"2850","Ordinal":"1","Title":"CVE-2007-2850","CVE":"CVE-2007-2850","Year":"2007"},"notes":[{"CveYear":"2007","CveId":"2850","Ordinal":"1","NoteData":"The Session Reliability Service (XTE) in Citrix MetaFrame Presentation Server 3.0, Presentation Server 4.0, and Access Essentials 1.0 and 1.5, allows remote attackers to bypass network security policies and connect to arbitrary TCP ports via a modified address:port string.","Type":"Description","Title":"CVE-2007-2850"},{"CveYear":"2007","CveId":"2850","Ordinal":"2","NoteData":"2007-05-24","Type":"Other","Title":"Published"},{"CveYear":"2007","CveId":"2850","Ordinal":"3","NoteData":"2017-07-28","Type":"Other","Title":"Modified"}]}}}