CVE-2020-8283
Last modified
CVE-2020-8283 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. An authorised user on a Windows host running Citrix Universal Print Server can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9.. EPSS estimates a 2.57% chance of exploitation in the next 30 days.
Description
An authorised user on a Windows host running Citrix Universal Print Server can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Citrix | Virtual Apps And Desktops | <= 2006 |
| Citrix | Virtual Apps And Desktops | >= 1903, <= 1912 |
| Citrix | Xenapp | < 7.6 |
| Citrix | Xenapp | >= 7.7, < 7.15 |
| Citrix | Xenapp | 7.6 |
| Citrix | Xenapp | 7.15 |
| Citrix | Xendesktop | < 7.6 |
| Citrix | Xendesktop | >= 7.7, < 7.15 |
| Citrix | Xendesktop | 7.6 |
| Citrix | Xendesktop | 7.15 |
References
- https://support.citrix.com/article/CTX285059Vendor Advisory
- https://support.citrix.com/article/CTX285059Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-8283?
How severe is CVE-2020-8283?
How do I fix CVE-2020-8283?
Are you affected by CVE-2020-8283?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST