Vulnerability Details : CVE-2008-2299
Unspecified vulnerability in SecureICA and ICA Basic encryption of Citrix Presentation Server 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 can cause clients to use weaker encryption settings than configured by the administrator, which might allow attackers to bypass intended restrictions.
Products affected by CVE-2008-2299
- cpe:2.3:a:citrix:access_essentials:*:*:*:*:*:*:*:*
- cpe:2.3:a:citrix:presentation_server:*:*:*:*:*:*:*:*When used together with: Microsoft » Windows 2003 Server
- cpe:2.3:a:citrix:desktop_server:1.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2008-2299
0.19%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 56 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2008-2299
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2008-2299
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2008-2299
Jump to