CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-22928

A vulnerability has been identified in Citrix Virtual Apps and Desktops that could, if exploited, allow a user of a Windows VDA that has either Citrix Profile Management or Citrix Profile Management WMI Plugin installed to escalate their privilege level on that Windows VDA to SYSTEM.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 16.1%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 7.2

References

https://support.citrix.com/article/CTX319750
https://support.citrix.com/article/CTX319750

Products affected by CVE-2021-22928

Citrix » Virtual Apps And Desktops » Version: 1912

cpe:2.3:a:citrix:virtual_apps_and_desktops:1912
Citrix » Virtual Apps And Desktops » Version: 2006

cpe:2.3:a:citrix:virtual_apps_and_desktops:2006
Citrix » Virtual Apps And Desktops » Version: 2106

cpe:2.3:a:citrix:virtual_apps_and_desktops:2106
Citrix » Xenapp » Version: 7.15

cpe:2.3:a:citrix:xenapp:7.15
Citrix » Xendesktop » Version: 7.15

cpe:2.3:a:citrix:xendesktop:7.15

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-22928

Products

Pricing

Contact Us