Vulnerabilities > CVE-2006-4846 - Authentication Bypass vulnerability in Citrix Access Gateway 4.2

CVSS 5.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

high complexity

citrix

NVD

Published: 2006-09-19

Updated: 2017-07-20

Summary

Unspecified vulnerability in Citrix Access Gateway with Advanced Access Control (AAC) 4.2 before 20060914, when AAC is configured to use LDAP authentication, allows remote attackers to bypass authentication via unknown vectors. Successful exploitation requires that the Advanced Access Control option is set to use LDAP authentication. This vulnerability is addressed by hotfix AAC420W004.

Vulnerable Configurations

Part	Description	Count
Application	Citrix Citrix Access Gateway 4.2	1

References

http://secunia.com/advisories/21941
http://securitytracker.com/id?1016874
http://support.citrix.com/article/CTX110439
http://support.citrix.com/article/CTX110950
http://www.kb.cert.org/vuls/id/658620
http://www.osvdb.org/28938
http://www.securityfocus.com/bid/20066
http://www.vupen.com/english/advisories/2006/3643
https://exchange.xforce.ibmcloud.com/vulnerabilities/28990