Published: 16/06/2021 Updated: 24/06/2021

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Citrix Cloud Connector prior to 6.31.0.62192 suffers from insecure storage of sensitive information due to sensitive information being stored in the Citrix Cloud Connector installation log files. Such information could be used by an malicious actor to access a Citrix Cloud environment. This issue affects all versions of Citrix Cloud Connector that were installed by passing secure client parameters for installation via the command line. The issue does not affect Citrix Cloud Connector if it was installed using the interactive installer or where a parameter file was used with the command-line installer.

Vulnerable Product	Search on Vulmon	Subscribe to Product
citrix cloud connector

A vulnerability has been identified in Citrix Cloud Connector that may result in sensitive information being stored in the Citrix Cloud Connector installation log files which, if exploited, could allow access to a customer’s Citrix Cloud environment   ...

CWE-922 https://support.citrix.com/article/CTX316690 https://nvd.nist.gov https://support.citrix.com/article/CTX316690

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-22914

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect