CVE-2008-6561

EPSS 0.08%
Veröffentlicht 31.03.2009 17:30:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Citrix Presentation Server Client for Windows before 10.200 does not clear "credential information" from process memory in unspecified circumstances, which might allow local users to gain privileges.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Citrix ≫ Presentation Server Client Version10.200

Microsoft ≫ Windows

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.08%	0.205

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	1.9	3.4	2.9	AV:L/AC:M/Au:N/C:P/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://support.citrix.com/article/CTX116227

Patch

Vendor Advisory

http://www.securitytracker.com/id?1019605

http://www.vupen.com/english/advisories/2008/0845

https://exchange.xforce.ibmcloud.com/vulnerabilities/41102

https://nvd.nist.gov/vuln/detail/CVE-2008-6561

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-6561

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-6561

EUVD