Vulnerability Database

290,278

Total vulnerabilities in the database

CVE-2001-0908

CITRIX Metaframe 1.8 logs the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through Network Address Translation (NAT).

  • Published: Nov 21, 2001
  • Updated: Apr 13, 2023
  • CVE: CVE-2001-0908
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
citrix / metaframe 1.8 1.8.x