CVE-2024-8068
Nov. 22, 2024, 4:15 p.m.
Tags
Product(s) Impacted
Citrix Session Recording
Description
Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain as the session recording server domain
Weaknesses
CWE-269
Improper Privilege Management
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
CWE ID: 269Date
Published: Nov. 12, 2024, 6:15 p.m.
Last Modified: Nov. 22, 2024, 4:15 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
secure@citrix.com
References
https://support.citrix.com/
secure@citrix.com