We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-8068

Privilege escalation to NetworkService Account access



Description

Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain as the session recording server domain

Reserved 2024-08-21 | Published 2024-11-12 | Updated 2024-11-22 | Assigner Citrix


MEDIUM: 5.1CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Product status

Default status
unaffected

2407 Current Release before 24.5.200.8
affected

1912 LTSR before CU9 hotfix 19.12.9100.6
affected

2203 LTSR before CU5 hotfix 22.03.5100.11
affected

2402 LTSR before CU1 hotfix 24.02.1200.16
affected

References

support.citrix.com/...ty-bulletin-for-cve20248068-and-cve20248069?language=en_US

cve.org (CVE-2024-8068)

nvd.nist.gov (CVE-2024-8068)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-8068

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.