CVE-2008-6561

EPSS 0.08%
Published 31.03.2009 17:30:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Citrix Presentation Server Client for Windows before 10.200 does not clear "credential information" from process memory in unspecified circumstances, which might allow local users to gain privileges.

Affected products Warnungen 0 Metrics 2 CWE 1 References 7

Data is provided by the National Vulnerability Database (NVD)

Citrix ≫ Presentation Server Client Version10.200

Microsoft ≫ Windows

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.08%	0.205

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	1.9	3.4	2.9	AV:L/AC:M/Au:N/C:P/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://support.citrix.com/article/CTX116227

Patch

Vendor Advisory

http://www.securitytracker.com/id?1019605

http://www.vupen.com/english/advisories/2008/0845

https://exchange.xforce.ibmcloud.com/vulnerabilities/41102

https://nvd.nist.gov/vuln/detail/CVE-2008-6561

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-6561

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-6561

EUVD