Back to search
CVE-2008-6830
Published: Jun 8, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
The disconnection feature in Citrix Web Interface 5.0 and 5.0.1 for Java Application Servers does not properly terminate a user's web interface session, which allows attackers with access to the same browser instance to gain access to the user's Web Interface session. NOTE: the attacker must also have valid credentials to the Web Interface.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
citrix-webinterface-security-bypass(46135)
vdb-entry
x_refsource_XF
49387
vdb-entry
x_refsource_OSVDB
ADV-2008-2946
vdb-entry
x_refsource_VUPEN
1021110
vdb-entry
x_refsource_SECTRACK
http://support.citrix.com/article/CTX118768
x_refsource_CONFIRM
32444
third-party-advisory
x_refsource_SECUNIA
31943
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now