CVE-2008-2300 - OpenCVE

Unspecified vulnerability in Citrix Presentation Server 4.5 and earlier, Citrix Access Essentials 2.0 and earlier, and Citrix Desktop Server 1.0 allows remote authenticated users to access unauthorized desktops via unknown attack vectors.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Citrix	Access Essentials Citrix Presentation Server Desktop Server Metaframe Presentation Server

Configuration 1 [-]

OR	cpe:2.3:a:citrix:access_essentials::::::::
	cpe:2.3:a:citrix:access_essentials:1.0:::::::*
	cpe:2.3:a:citrix:access_essentials:1.5:::::::*
	cpe:2.3:a:citrix:citrix_presentation_server::::::::
	cpe:2.3:a:citrix:desktop_server:1.0:::::::*
	cpe:2.3:a:citrix:metaframe_presentation_server:4.0:::::::*

References

Link	Resource
http://secunia.com/advisories/30271	Vendor Advisory
http://support.citrix.com/article/CTX116941
http://www.securityfocus.com/bid/29232
http://www.securitytracker.com/id?1020027
http://www.vupen.com/english/advisories/2008/1530/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42439

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2008-05-18T14:00:00

Updated: 2017-08-07T12:57:01

Reserved: 2008-05-18T00:00:00

Link: CVE-2008-2300

JSON object: View

NVD Information

Status : Modified

Published: 2008-05-18T14:20:00.000

Modified: 2017-08-08T01:30:55.887

Link: CVE-2008-2300

JSON object: View

Redhat Information

No data.

CWE

CWE-264

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-05-12T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Citrix Presentation Server 4.5 and earlier, Citrix Access Essentials 2.0 and earlier, and Citrix Desktop Server 1.0 allows remote authenticated users to access unauthorized desktops via unknown attack vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "29232", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/29232"}, {"name": "30271", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30271"}, {"name": "1020027", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020027"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.citrix.com/article/CTX116941"}, {"name": "ADV-2008-1530", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/1530/references"}, {"name": "citrix-presentationserver-unauth-access(42439)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42439"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-2300", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in Citrix Presentation Server 4.5 and earlier, Citrix Access Essentials 2.0 and earlier, and Citrix Desktop Server 1.0 allows remote authenticated users to access unauthorized desktops via unknown attack vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "29232", "refsource": "BID", "url": "http://www.securityfocus.com/bid/29232"}, {"name": "30271", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30271"}, {"name": "1020027", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020027"}, {"name": "http://support.citrix.com/article/CTX116941", "refsource": "CONFIRM", "url": "http://support.citrix.com/article/CTX116941"}, {"name": "ADV-2008-1530", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1530/references"}, {"name": "citrix-presentationserver-unauth-access(42439)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42439"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-2300", "datePublished": "2008-05-18T14:00:00", "dateReserved": "2008-05-18T00:00:00", "dateUpdated": "2017-08-07T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:citrix:access_essentials:*:*:*:*:*:*:*:*", "matchCriteriaId": "96365CE2-22BF-408E-939F-22FFABF63061", "versionEndIncluding": "2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:access_essentials:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "2FF9F197-991D-4920-BE9A-2E3495E76CD2", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:access_essentials:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "21B89150-1806-481D-B0D9-FD37BA4798D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:citrix_presentation_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "8A571EDD-12ED-4398-8AED-5916A4580294", "versionEndIncluding": "4.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:desktop_server:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "08AEEC3F-E8DD-4535-98D2-4CFD83439A69", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:metaframe_presentation_server:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "15137D61-8E46-4F46-B475-098429A79484", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Citrix Presentation Server 4.5 and earlier, Citrix Access Essentials 2.0 and earlier, and Citrix Desktop Server 1.0 allows remote authenticated users to access unauthorized desktops via unknown attack vectors."}, {"lang": "es", "value": "Vulnerabilidad sin especificar en Citrix Presentation Server 4.5 y anteriores, Citrix Access Essentials 2.0 y anteriores y Citrix Desktop Server 1.0 permite a atacantes autentificados remotamente acceder a escritorios no autorizados mediante vectores de ataque desconocidos."}], "id": "CVE-2008-2300", "lastModified": "2017-08-08T01:30:55.887", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-05-18T14:20:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30271"}, {"source": "cve@mitre.org", "url": "http://support.citrix.com/article/CTX116941"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/29232"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1020027"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/1530/references"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42439"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}