Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain as the session recording server domain
History

Fri, 22 Nov 2024 16:45:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 0.0, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N'}


Fri, 22 Nov 2024 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 14 Nov 2024 16:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 0, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 12 Nov 2024 18:00:00 +0000

Type Values Removed Values Added
Description Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain as the session recording server domain
Title Privilege escalation to NetworkService Account access
Weaknesses CWE-269
References
Metrics cvssV4_0

{'score': 5.1, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Citrix

Published: 2024-11-12T17:49:54.285Z

Updated: 2024-11-22T15:18:44.098Z

Reserved: 2024-08-21T23:22:39.410Z

Link: CVE-2024-8068

cve-icon Vulnrichment

Updated: 2024-11-14T16:05:59.946Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-11-12T18:15:47.450

Modified: 2024-11-22T16:15:34.680

Link: CVE-2024-8068

cve-icon Redhat

No data.