CVE-2023-24490

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Jul 10, 2023

Updated: Jul 18, 2023

CWE ID 284

Summary

CVE-2023-24490 is a vulnerability that grants users with limited access to Virtual Desktop Applications (VDA) the ability to launch unauthorized desktops. By exploiting this issue, attackers can bypass intended access controls and potentially gain further access to sensitive information or systems. This vulnerability poses a significant risk to organizations utilizing VDA technology and highlights the importance of maintaining robust access control measures.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Citrix Virtual Apps and Desktops

Affected Vendors

Citrix Systems

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/roH7uQ
https://www.cve.org/CVERecord?id=CVE-2023-24490
https://nvd.nist.gov/vuln/detail/CVE-2023-24490

Back to Vulnerability Database