testperson 1,746 Posted November 10, 2020 Report Posted November 10, 2020 Hi heute hat Citrix folgende Security Updates veröffentlicht: https://support.citrix.com/article/CTX285059 Zitat CVE-Id: CVE-2020-8269: Description: An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM Vulnerability Type: CWE-269: Improper Privilege Management Pre-conditions: The attacker must be an authenticated user on the Windows VDA with write access to the C:\ directory CVE-Id: CVE-2020-8270 Description: An unprivileged Windows user on the VDA or a SMB user can perform arbitrary command execution as SYSTEM Vulnerability Type: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Pre-conditions: The attacker must be an authenticated user on the Windows VDA or be authenticated to Windows SMB service running on the VDA Betroffen sind folgende Releases: Citrix Virtual Apps and Desktops 2006 and earlier versions Citrix Virtual Apps and Desktops 1912 LTSR CU1 and earlier versions of 1912 LTSR Citrix XenApp / XenDesktop 7.15 LTSR CU6 and earlier versions of 7.15 LTSR Citrix XenApp / XenDesktop 7.6 LTSR CU8 and earlier versions of 7.6 LTSR HTH Jan Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.