CVE-2008-2528

Published: Jun 3, 2008Modified: Apr 23, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Unspecified vulnerability in Citrix Access Gateway Standard Edition 4.5.7 and earlier and Advanced Edition 4.5 HF2 and earlier allows attackers to bypass authentication and gain "access to network resources" via unspecified vectors.

Affected (4)

Products: Citrix: Access Gateway

Citrix

1 product

Access Gateway

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Citrix Access Gateway	Up to 4.5.7
Citrix Access Gateway	Up to 4.5
Citrix Access Gateway	Version 4.5.5
Citrix Access Gateway	Version 4.5.6

Related CWEs

CWE-287

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (12)

http://secunia.com/advisories/30175

Source: cve@mitre.org

Patch

http://support.citrix.com/article/CTX116930

Source: cve@mitre.org

Patch

http://www.securityfocus.com/bid/29174

Source: cve@mitre.org

http://www.securitytracker.com/id?1020025

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/1474/references

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/42356

Source: cve@mitre.org

http://secunia.com/advisories/30175