QID 377989

Date Published: 2023-02-16

QID 377989: Citrix Workspace App Multiple Vulnerabilities (CTX477617)

Citrix Workspace Suite is a collection of Citrix products that information technology (IT) administrators can use to deliver secure access to desktops, data, applications and services to users on any device, on any network, anywhere.

Citrix released a security advisory to address Privilege Escalation and Improper Access Control vulnerabilities in Citrix Workspace App

Affected Versions:
Citrix Workspace App versions before 2212
Citrix Workspace App 2203 LTSR before CU2
Citrix Workspace App 1912 LTSR before CU7 Hotfix 2 (19.12.7002)

QID Detection Logic (Authenticated)
This checks for vulnerable version of Citrix Workspace App on Windows.

Vulnerable versions of Citrix Workspace App for windows may allow an attacker to perform Privilege Escalation and/or can cause log files to be written to a directory that they do not have permission to write to.

CVSS V3 rated as High - 7.8 severity.

CVSS V2 rated as High - 6.8 severity.

Solution

Customers are advised to refer to CTX477617 for more information pertaining to this vulnerability.

Vendor References

CTX477617 - support.citrix.com/article/CTX477617

CVEs related to QID 377989

CVE-2023-24484 | CVE-2023-24485 |

Software Advisories

Advisory ID	Software	Component	Link
CTX477617			support.citrix.com/article/CTX477617

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].