• Insights

Citrix Workspace app for Mac Security Bulletin for CVE-2024-7549

Jeff Silverman

< 1 min read

All Insights
Description of Problem

A vulnerability has been discovered in Citrix Workspace app for Mac, which, if exploited, may result in a session hijack of a user who is authenticated on cloud stores.

Affected Versions

The following supported versions of Citrix Workspace app for Mac are affected by the vulnerability:

  • Citrix Workspace app for Mac before 2409
Summary
CVD-ID Description Pre-Requisites CWE CVSS
CVE-2024-7549 Possible session
hijack of a user who is
authenticated on cloud store
Citrix Workspace app authenticated user using cloud store may be impacted when:
• Accessing SaaS/Web app
OR
• Accessing CVAD apps or desktops using Custom Workspace URL
CWE-287: Improper Authentication CVSS v4.0 Base Score: 6.9 (CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N)
What Customers Should Do

Cloud Software Group strongly urges affected customers of Citrix Workspace app for Mac to install the relevant updated versions of Citrix Workspace app for Mac as soon as possible:

  • Citrix Workspace app for Mac 2409 and later
More information

Security Lockhttps://support.citrix.com/s/article/CTX691484-citrix-workspace-app-for-mac-security-bulletin-for-cve20247549?language=en_US

For assistance from the Kraft Kennedy team, please contact us.