Citrix Workspace app for Mac Security Bulletin for CVE-2024-7549

Citrix Workspace app for Mac Security Bulletin for CVE-2024-7549

by | Okt 8, 2024 | ctx_workspace

Description of Problem

A vulnerability has been discovered in Citrix Workspace app for Mac, which, if exploited, may result in a session hijack of a user who is authenticated on cloud stores.

Affected Versions: 

The following supported versions of Citrix Workspace app for Mac are affected by the vulnerability: 
Citrix Workspace app for Mac before 2409


Summary: 

CVE ID    DescriptionPre-requisites    CWECVSS
CVE-2024-7549Possible  session hijack of a  user who is authenticated on cloud storeCitrix Workspace app authenticated user using cloud store may be impacted when:Accessing SaaS/Web appOR Accessing CVAD apps or desktops using Custom Workspace URLCWE-287: Improper AuthenticationCVSS v4.0 Base Score: 6.9(CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N) 

What Customers Should Do

Cloud Software Group strongly urges affected customers of Citrix Workspace app for Mac to install the relevant updated versions of Citrix Workspace app for Mac as soon as possible: 

  • Citrix Workspace app for Mac 2409 and later

Track the CVE on the original Citrix article: https://support.citrix.com/s/article/CTX691484-citrix-workspace-app-for-mac-security-bulletin-for-cve20247549