CVE-2007-4017
Severity Score
7.6
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Cross-site request forgery (CSRF) vulnerability in the web-based administration console in Citrix Access Gateway before firmware 4.5.5 allows remote attackers to perform certain configuration changes as administrators.
Vulnerabilidad de falsificación de petición en sitios cruzados (CSRF) en la consola del administrador basado en web en Citrix Access Gateway anterior al software empotrado (firmware) 4.5.5 permite a atacantes remotos llevar a cabo ciertos cambios de configuracion como administradores.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-07-25 CVE Reserved
- 2007-07-26 CVE Published
- 2024-08-07 CVE Updated
- 2024-09-20 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/37841 | Vdb Entry | |
| http://www.securitytracker.com/id?1018435 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2007/2583 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/35513 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/26143 | 2017-07-29 | |
| http://support.citrix.com/article/CTX113817 | 2017-07-29 | |
| http://support.citrix.com/article/CTX114028 | 2017-07-29 | |
| http://www.securityfocus.com/bid/24975 | 2017-07-29 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Citrix Search vendor "Citrix" | Access Gateway Search vendor "Citrix" for product "Access Gateway" | 4.5 Search vendor "Citrix" for product "Access Gateway" and version "4.5" | advanced |
Affected
| ||||||
| Citrix Search vendor "Citrix" | Access Gateway Search vendor "Citrix" for product "Access Gateway" | 4.5 Search vendor "Citrix" for product "Access Gateway" and version "4.5" | standard |
Affected
| ||||||