Skip to main content

Workspace CVE-2023-24484

MEDIUM
Improper Access Control (CWE-284)
2023-02-16 secure@citrix.com
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

Lifecycle Timeline

1
CVE Published
Feb 16, 2023 - 18:15 nvd
MEDIUM 5.5

DescriptionNVD

A malicious user can cause log files to be written to a directory that they do not have permission to write to.

AnalysisAI

A malicious user can cause log files to be written to a directory that they do not have permission to write to. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-284. A malicious user can cause log files to be written to a directory that they do not have permission to write to. Affected products include: Citrix Workspace.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2019-11634 CRITICAL
9.8 May 22

Citrix Workspace App before 1904 for Windows has Incorrect Access Control. Rated critical severity (CVSS 9.8), this vuln

CVE-2020-8207 HIGH
8.8 Jul 24

Improper access control in Citrix Workspace app for Windows 1912 CU1 and 2006.1 causes privilege escalation and code exe

CVE-2024-6286 HIGH
8.5 Jul 10

Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows. R

CVE-2025-4879 HIGH
7.8 Jun 17

Local privilege escalation vulnerability in Citrix Workspace app for Windows that allows low-privileged users to gain SY

CVE-2023-2257 HIGH
7.8 Apr 24

Authentication Bypass in Hub Business integration in Devolutions Workspace Desktop 2023.1.1.3 and earlier on Windows and

CVE-2023-24485 HIGH
7.8 Feb 16

Vulnerabilities have been identified that, collectively, allow a standard Windows user to perform operations as SYSTEM o

CVE-2021-22907 HIGH
7.8 May 27

An improper access control vulnerability exists in Citrix Workspace App for Windows potentially allows privilege escalat

CVE-2024-42423 HIGH
7.1 Sep 10

Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citr

CVE-2024-7889 HIGH
7.0 Sep 11

Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows. R

CVE-2023-6588 MEDIUM
6.5 Dec 07

Offline mode is always enabled, even if permission disallows it, in Devolutions Server data source in Devolutions Worksp

CVE-2024-2241 MEDIUM
6.3 Mar 07

Improper access control in the user interface in Devolutions Workspace 2024.1.0 and earlier allows an authenticated user

CVE-2023-24486 MEDIUM
5.5 Jul 10

A vulnerability has been identified in Citrix Workspace app for Linux that, if exploited, may result in a malicious loca

Share

CVE-2023-24484 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy