CVE-2023-24485

Published Feb 16, 2023

Last updated 2 years ago

CVSS high 7.8

Overview

Description: Vulnerabilities have been identified that, collectively, allow a standard Windows user to perform operations as SYSTEM on the computer running Citrix Workspace app.
Source: secure@citrix.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: CWE-863
secure@citrix.com: CWE-284

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:citrix:workspace:*:*:*:*:-:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF677539-1D84-4A05-A8AF-09723A3909D5",
            "versionEndExcluding": "2212"
          },
          {
            "criteria": "cpe:2.3:a:citrix:workspace:1912:-:*:*:ltsr:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "554F6592-C252-4B1D-ABEF-C4EE7EACF061"
          },
          {
            "criteria": "cpe:2.3:a:citrix:workspace:1912:cu1:*:*:ltsr:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C032E97-4C37-4FE9-BD0E-3AC933489A5B"
          },
          {
            "criteria": "cpe:2.3:a:citrix:workspace:1912:cu1-hf1:*:*:ltsr:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AECFCE88-901F-4025-AF58-BC7A9207CF97"
          },
          {
            "criteria": "cpe:2.3:a:citrix:workspace:1912:cu2:*:*:ltsr:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "179CEA0E-92D8-41A8-A2E2-B6808A2CAA25"
          },
          {
            "criteria": "cpe:2.3:a:citrix:workspace:1912:cu3:*:*:ltsr:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "998E9AAF-E239-4861-8377-B62330FAB903"
          },
          {
            "criteria": "cpe:2.3:a:citrix:workspace:1912:cu4:*:*:ltsr:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "37D106D3-119F-4194-8F16-C3317248A4D8"
          },
          {
            "criteria": "cpe:2.3:a:citrix:workspace:1912:cu5:*:*:ltsr:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3078BBCA-DC94-4B7A-8B74-C012DB4A98A9"
          },
          {
            "criteria": "cpe:2.3:a:citrix:workspace:1912:cu6:*:*:ltsr:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D826A570-C5C3-4E67-BABE-E1999C2AB60B"
          },
          {
            "criteria": "cpe:2.3:a:citrix:workspace:2203.1:-:*:*:ltsr:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FEB0B74B-89A7-4194-8881-F35FEAE672BE"
          },
          {
            "criteria": "cpe:2.3:a:citrix:workspace:2203.1:cu1:*:*:ltsr:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1A14B8C-1B61-4682-AABE-4732B65E51BC"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References