Vulnerabilities > CVE-2008-6830 - Unspecified vulnerability in Citrix web Interface 5.0/5.0.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The disconnection feature in Citrix Web Interface 5.0 and 5.0.1 for Java Application Servers does not properly terminate a user's web interface session, which allows attackers with access to the same browser instance to gain access to the user's Web Interface session. NOTE: the attacker must also have valid credentials to the Web Interface.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
References
- http://osvdb.org/49387
- http://osvdb.org/49387
- http://secunia.com/advisories/32444
- http://secunia.com/advisories/32444
- http://support.citrix.com/article/CTX118768
- http://support.citrix.com/article/CTX118768
- http://www.securityfocus.com/bid/31943
- http://www.securityfocus.com/bid/31943
- http://www.securitytracker.com/id?1021110
- http://www.securitytracker.com/id?1021110
- http://www.vupen.com/english/advisories/2008/2946
- http://www.vupen.com/english/advisories/2008/2946
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46135
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46135