7.8
CVE-2021-22928
- EPSS 0.05%
- Veröffentlicht 05.08.2021 21:15:11
- Zuletzt bearbeitet 21.11.2024 05:50:56
- Quelle support@hackerone.com
- Teams Watchlist Login
- Unerledigt Login
A vulnerability has been identified in Citrix Virtual Apps and Desktops that could, if exploited, allow a user of a Windows VDA that has either Citrix Profile Management or Citrix Profile Management WMI Plugin installed to escalate their privilege level on that Windows VDA to SYSTEM.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Citrix ≫ Virtual Apps And Desktops SwEdition- Version >= 2006 <= 2106
Citrix ≫ Virtual Apps And Desktops Version1912 Update- SwEditionltsr
Citrix ≫ Virtual Apps And Desktops Version1912 Updatecu3
Citrix ≫ Xendesktop Version7.15 Update- SwEditionltsr
Citrix ≫ Xendesktop Version7.15 Updatecu6 SwEditionltsr
Citrix ≫ Xendesktop Version7.15 Updatecu7 SwEditionltsr
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.05% | 0.129 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|