1.9
CVE-2008-6561
- EPSS 0.29%
- Veröffentlicht 31.03.2009 17:30:00
- Zuletzt bearbeitet 16.06.2026 23:02:27
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Citrix Presentation Server Client for Windows before 10.200 does not clear "credential information" from process memory in unspecified circumstances, which might allow local users to gain privileges.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Citrix ≫ Presentation Server Client Version10.200
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.29% | 0.205 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 1.9 | 3.4 | 2.9 |
AV:L/AC:M/Au:N/C:P/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
http://support.citrix.com/article/CTX116227
http://www.securitytracker.com/id?1019605
http://www.vupen.com/english/advisories/2008/0845
https://exchange.xforce.ibmcloud.com/vulnerabilities/41102