Skip to main content
Skip table of contents

ISN 2023-01: Citrix Workspace App Vulnerability

Updated 28th February 2023 (Citrix advises updating to CWA 2302 as the only fix)

First published 20 February 2023

CVSS 3.1 High

CVSS:3.1 n/a

Summary

A vulnerability has been found in the Citrix Workspace App (CWA) for Linux in versions before 2302. The following IGEL products are affected:

  • IGEL OS 11

Details

Citrix advises that there is a vulnerability in Citrix Workspace app for Linux that, if exploited, may result in a malicious local user being able to gain access to the Citrix Virtual Apps and Desktops session of another user who is using the same computer from which the ICA session is launched. This issue affects all supported versions of Citrix Workspace app for Linux before 2302.

Update Instructions

  • Update to IGEL OS version 11.08.255, which contains CWA 2302, and use this version. It is available to IGEL customers as a private build from IGEL Customer Engineering.

References

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.