Vulnerability Description
Citrix Workspace App before 1912 on Windows has Insecure Permissions and an Unquoted Path vulnerability which allows local users to gain privileges during the uninstallation of the application.
CVSS Score
7.8
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Citrix | Workspace App | < 2006.1 |
Related Weaknesses (CWE)
References
- https://github.com/hessandrew/CVE-2020-13884ExploitThird Party Advisory
- https://support.citrix.com/article/CTX275460
- https://github.com/hessandrew/CVE-2020-13884ExploitThird Party Advisory
- https://support.citrix.com/article/CTX275460
FAQ
What is CVE-2020-13884?
CVE-2020-13884 is a vulnerability with a CVSS score of 7.8 (HIGH). Citrix Workspace App before 1912 on Windows has Insecure Permissions and an Unquoted Path vulnerability which allows local users to gain privileges during the uninstallation of the application.
How severe is CVE-2020-13884?
CVE-2020-13884 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-13884?
Check the references section above for vendor advisories and patch information. Affected products include: Citrix Workspace App.