DNA View

High Severity Vulnerability

This vulnerability has been rated as High severity. Immediate action is recommended.

CVE-2024-7890

High

Low Medium High Critical

7.3

CVSS Score

Published: Sep 11, 2024

Last Modified: Oct 22, 2024

CWE: NVD-CWE-noinfo

Vulnerability Description

Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows

CVSS Metrics

Common Vulnerability Scoring System

Vector String:

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Known Affected Software

68 configuration(s) from 1 vendor(s)

workspace

Version:

1808

CPE:

cpe:2.3:a:citrix:workspace:1808:*:*:*:*:linux:*:*

workspace

Version:

1902

CPE:

cpe:2.3:a:citrix:workspace:1902:*:*:*:*:windows:*:*

workspace

Version:

2301.1

CPE:

cpe:2.3:a:citrix:workspace:2301.1:*:*:*:*:html5:*:*

workspace

Version:

1904.1

CPE:

cpe:2.3:a:citrix:workspace:1904.1:*:*:*:*:windows:*:*

workspace

Version:

2303

CPE:

cpe:2.3:a:citrix:workspace:2303:*:*:*:*:html5:*:*

workspace

Version:

2206

CPE:

cpe:2.3:a:citrix:workspace:2206:*:*:*:*:html5:*:*

workspace

Version:

2012.1

CPE:

cpe:2.3:a:citrix:workspace:2012.1:*:*:*:*:windows:*:*

workspace

Version:

1910

CPE:

cpe:2.3:a:citrix:workspace:1910:*:*:*:*:linux:*:*

workspace

Version:

2208

CPE:

cpe:2.3:a:citrix:workspace:2208:*:*:*:*:html5:*:*

workspace

Version:

1903

CPE:

cpe:2.3:a:citrix:workspace:1903:*:*:*:*:linux:*:*

workspace

Version:

23.9.0.24.4

CPE:

cpe:2.3:a:citrix:workspace:23.9.0.24.4:*:*:*:*:*:*:*

workspace

Version:

2305

CPE:

cpe:2.3:a:citrix:workspace:2305:*:*:*:*:html5:*:*

workspace

Version:

2404

CPE:

cpe:2.3:a:citrix:workspace:2404:*:*:*:*:html5:*:*

workspace

Version:

1809

CPE:

cpe:2.3:a:citrix:workspace:1809:*:*:*:*:linux:*:*

workspace

Version:

1909

CPE:

cpe:2.3:a:citrix:workspace:1909:*:*:*:*:windows:*:*

workspace

Version:

2007

CPE:

cpe:2.3:a:citrix:workspace:2007:*:*:*:*:mac:*:*

workspace

Version:

1911

CPE:

cpe:2.3:a:citrix:workspace:1911:*:*:*:*:windows:*:*

workspace

Version:

21.1.5

CPE:

cpe:2.3:a:citrix:workspace:21.1.5:*:*:*:*:android:*:*

workspace

Version:

2012

CPE:

cpe:2.3:a:citrix:workspace:2012:*:*:*:*:windows:*:*

workspace

Version:

21.1.0

CPE:

cpe:2.3:a:citrix:workspace:21.1.0:*:*:*:*:android:*:*

workspace

Version:

2103

CPE:

cpe:2.3:a:citrix:workspace:2103:*:*:*:*:linux:*:*

workspace

Version:

2102

CPE:

cpe:2.3:a:citrix:workspace:2102:*:*:*:*:mac:*:*

workspace

Version:

21.2.0

CPE:

cpe:2.3:a:citrix:workspace:21.2.0:*:*:*:*:iphone_os:*:*

workspace

Version:

1910.2

CPE:

cpe:2.3:a:citrix:workspace:1910.2:*:*:*:*:mac:*:*

workspace

Version:

2105

CPE:

cpe:2.3:a:citrix:workspace:2105:*:*:*:-:windows:*:*

workspace

Version:

2304

CPE:

cpe:2.3:a:citrix:workspace:2304:*:*:*:*:html5:*:*

workspace

Version:

1906

CPE:

cpe:2.3:a:citrix:workspace:1906:*:*:*:*:linux:*:*

workspace

Version:

2203.1

CPE:

cpe:2.3:a:citrix:workspace:2203.1:cu2:*:*:ltsr:windows:*:*

workspace

Version:

1904

CPE:

cpe:2.3:a:citrix:workspace:1904:*:*:*:*:windows:*:*

workspace

Version:

2209

CPE:

cpe:2.3:a:citrix:workspace:2209:*:*:*:*:html5:*:*

workspace

Version:

2308

CPE:

cpe:2.3:a:citrix:workspace:2308:*:*:*:*:html5:*:*

workspace

Version:

1812

CPE:

cpe:2.3:a:citrix:workspace:1812:*:*:*:*:mac:*:*

workspace

Version:

2111

CPE:

cpe:2.3:a:citrix:workspace:2111:*:*:*:*:linux:*:*

workspace

Version:

19.12.4000

CPE:

cpe:2.3:a:citrix:workspace:19.12.4000:*:*:*:ltsr:windows:*:*

workspace

Version:

2008

CPE:

cpe:2.3:a:citrix:workspace:2008:*:*:*:*:mac:*:*

workspace

Version:

2004

CPE:

cpe:2.3:a:citrix:workspace:2004:*:*:*:*:linux:*:*

workspace

Version:

1901

CPE:

cpe:2.3:a:citrix:workspace:1901:*:*:*:*:linux:*:*

workspace

Version:

2307

CPE:

cpe:2.3:a:citrix:workspace:2307:*:*:*:*:html5:*:*

workspace

Version:

2212

CPE:

cpe:2.3:a:citrix:workspace:2212:*:*:*:*:html5:*:*

workspace

Version:

2010

CPE:

cpe:2.3:a:citrix:workspace:2010:*:*:*:*:windows:*:*

workspace

Version:

2312

CPE:

cpe:2.3:a:citrix:workspace:2312:*:*:*:*:html5:*:*

workspace

Version:

2310

CPE:

cpe:2.3:a:citrix:workspace:2310:*:*:*:*:html5:*:*

workspace

Version:

2309

CPE:

cpe:2.3:a:citrix:workspace:2309:*:*:*:*:html5:*:*

workspace

Version:

2306

CPE:

cpe:2.3:a:citrix:workspace:2306:*:*:*:*:html5:*:*

workspace

Version:

1912

CPE:

cpe:2.3:a:citrix:workspace:1912:-:*:*:ltsr:windows:*:*

workspace

Version:

2112

CPE:

cpe:2.3:a:citrix:workspace:2112:*:*:*:*:linux:*:*

workspace

Version:

2009

CPE:

cpe:2.3:a:citrix:workspace:2009:*:*:*:*:linux:*:*

workspace

Version:

1907

CPE:

cpe:2.3:a:citrix:workspace:1907:*:*:*:*:windows:*:*

workspace

Version:

2211

CPE:

cpe:2.3:a:citrix:workspace:2211:*:*:*:*:html5:*:*

workspace

Version:

2402

CPE:

cpe:2.3:a:citrix:workspace:2402:*:*:*:*:html5:*:*

workspace

Version:

2103.1

CPE:

cpe:2.3:a:citrix:workspace:2103.1:*:*:*:*:windows:*:*

workspace

Version:

2009.6

CPE:

cpe:2.3:a:citrix:workspace:2009.6:*:*:*:*:windows:*:*

workspace

Version:

1810

CPE:

cpe:2.3:a:citrix:workspace:1810:*:*:*:*:linux:*:*

workspace

Version:

2001

CPE:

cpe:2.3:a:citrix:workspace:2001:*:*:*:*:mac:*:*

workspace

Version:

2101

CPE:

cpe:2.3:a:citrix:workspace:2101:*:*:*:*:mac:*:*

workspace

Version:

2301

CPE:

cpe:2.3:a:citrix:workspace:2301:*:*:*:*:html5:*:*

workspace

Version:

2302

CPE:

cpe:2.3:a:citrix:workspace:2302:*:*:*:*:linux:*:*

workspace

Version:

2311

CPE:

cpe:2.3:a:citrix:workspace:2311:*:*:*:*:html5:*:*

workspace

Version:

2404.1

CPE:

cpe:2.3:a:citrix:workspace:2404.1:*:*:*:*:html5:*:*

workspace

Version:

1908

CPE:

cpe:2.3:a:citrix:workspace:1908:*:*:*:*:linux:*:*

workspace

Version:

2006

CPE:

cpe:2.3:a:citrix:workspace:2006:*:*:*:*:linux:*:*

workspace

Version:

2205.6

CPE:

cpe:2.3:a:citrix:workspace:2205.6:*:*:*:*:html5:*:*

workspace

Version:

1903.1

CPE:

cpe:2.3:a:citrix:workspace:1903.1:*:*:*:*:mac:*:*

workspace

Version:

2002

CPE:

cpe:2.3:a:citrix:workspace:2002:*:*:*:*:mac:*:*

workspace

Version:

1905

CPE:

cpe:2.3:a:citrix:workspace:1905:*:*:*:*:windows:*:*

workspace

Version:

2207

CPE:

cpe:2.3:a:citrix:workspace:2207:*:*:*:*:html5:*:*

workspace

Version:

2210

CPE:

cpe:2.3:a:citrix:workspace:2210:*:*:*:*:html5:*:*

workspace

Version:

2005

CPE:

cpe:2.3:a:citrix:workspace:2005:*:*:*:*:mac:*:*

This vulnerability affects 68 software configuration(s). Ensure you patch all affected systems.

References & Resources

https://support.citrix.com/s/article/CTX691485-citrix-workspace-app-for-windows-security-bulletin-cve20247889-and-cve20247890?language=en_US
secure@citrix.com Vendor Advisory

Severity Details

7.3

out of 10.0

High

Weakness Type (CWE)

NVD-CWE-noinfo

View CWE Details on MITRE

Key Information

Published Date: September 11, 2024

External Resources

NIST NVD

National Vulnerability Database

MITRE CVE

Official CVE record

CVE Vulnerabilities

Posts & Pages

High Severity Vulnerability

CVE-2024-7890

Vulnerability Description

CVSS Metrics

Known Affected Software

citrix

References & Resources

Severity Details

Weakness Type (CWE)

Key Information

External Resources