We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-42423



Description

Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled for WebLogin. A local unauthenticated user with low privileges may potentially exploit this vulnerability to bypass existing controls and perform unauthorized actions leading to information disclosure and tampering.

Reserved 2024-08-01 | Published 2024-09-10 | Updated 2024-09-10 | Assigner dell


MEDIUM: 6.1CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Problem types

CWE-863: Incorrect Authorization

Product status

Default status
unaffected

ThinOS 2311
affected

ThinOS 2402
affected

References

www.dell.com/...urity-update-for-dell-thinos-vulnerabilities vendor-advisory

cve.org (CVE-2024-42423)

nvd.nist.gov (CVE-2024-42423)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-42423

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.