Vulnerability Details CVE-2019-11634
Citrix Workspace App before 1904 for Windows has Incorrect Access Control.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.596
EPSS Ranking 98.1%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Proposed Action
Citrix Workspace Application and Receiver for Windows contains remote code execution vulnerability resulting from local drive access preferences not being enforced into the clients' local drives.
Ransomware Campaign
Known
References
- https://support.citrix.com/article/CTX251986
- https://support.citrix.com/v1/search?searchQuery=%22%22&lang=en&sort=cr_date_desc&prod=&pver=&ct=Security+Bulletin
- https://support.citrix.com/article/CTX251986
- https://support.citrix.com/v1/search?searchQuery=%22%22&lang=en&sort=cr_date_desc&prod=&pver=&ct=Security+Bulletin
Products affected by CVE-2019-11634
-
cpe:2.3:a:citrix:receiver:4.9
-
cpe:2.3:a:citrix:workspace:-
-
cpe:2.3:a:citrix:workspace:1808
-
cpe:2.3:a:citrix:workspace:1809
-
cpe:2.3:a:citrix:workspace:1810
-
cpe:2.3:a:citrix:workspace:1812
-
cpe:2.3:a:citrix:workspace:19.12.4000
-
cpe:2.3:a:citrix:workspace:1902
-
cpe:2.3:a:citrix:workspace:1903