CVE-2019-18910
Severity:
MEDIUM
Type:
CWE-78
OS Command Injections
Publication date:
22/11/2019
Last modified:
20/07/2023
Description
The Citrix Receiver wrapper function does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with local user privileges.
Impact
Base Score 3.x
6.80
Severity 3.x
MEDIUM
Base Score 2.0
4.60
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:hp:thinpro:6.2:*:*:*:*:*:*:* | ||
cpe:2.3:o:hp:thinpro:6.2.1:*:*:*:*:*:*:* | ||
cpe:2.3:o:hp:thinpro:7.0:*:*:*:*:*:*:* | ||
cpe:2.3:o:hp:thinpro:7.1:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page