CVE-2006-6572

Severity

65%

Complexity

80%

Confidentiality

106%

Unspecified vulnerability in Citrix Advanced Access Control (AAC) Option 4.0, and Access Gateway 4.2 with Advanced Access Control 4.2, before 20061114, when the Browser-Only access feature is enabled, allows remote authenticated users to bypass access policies via a certain login method, a different issue than CVE-2006-4846. NOTE: some of these details are obtained from third party information.

Unspecified vulnerability in Citrix Advanced Access Control (AAC) Option 4.0, and Access Gateway 4.2 with Advanced Access Control 4.2, before 20061114, when the Browser-Only access feature is enabled, allows remote authenticated users to bypass access policies via a certain login method, a different issue than CVE-2006-4846. NOTE: some of these details are obtained from third party information.

CVSS 2.0 Base Score 6.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P).

Overview

Type

Citrix

First reported 18 years ago

2006-12-15 11:28:00

Last updated 7 years ago

2017-07-29 01:29:00

Affected Software

Citrix Advanced Access Control 4.0

4.0

Citrix Access Gateway 4.2

4.2

References

22909

1017227

Patch, Vendor Advisory

http://support.citrix.com/article/CTX111614

Patch, Vendor Advisory

http://support.citrix.com/article/CTX111615

21080

ADV-2006-4525

citrix-access-login-security-bypass(30302)

citrix-access-browser-security-bypass(30303)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.