A vulnerability has been identified in Citrix Workspace app for Linux that, if exploited, may result in a malicious local user being able to gain access to the Citrix Virtual Apps and Desktops session of another user who is using the same computer from which the ICA session is launched.
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-07-10
Updated
2023-07-18
A malicious user can cause log files to be written to a directory that they do not have permission to write to.
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-02-16
Updated
2023-02-24
Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM.
Max CVSS
5.3
EPSS Score
0.08%
Published
2022-06-16
Updated
2022-06-16
Citrix Federated Authentication Service (FAS) 7.17 - 10.6 causes deployments that have been configured to store a registration authority certificate's private key in a Trusted Platform Module (TPM) to incorrectly store that key in the Microsoft Software Key Storage Provider (MSKSP). This issue only occurs if PowerShell was used when configuring FAS to store the registration authority certificate’s private key in the TPM. It does not occur if the TPM was not selected for use or if the FAS administration console was used for configuration.
Max CVSS
4.4
EPSS Score
0.04%
Published
2022-03-10
Updated
2022-03-18
Citrix XenApp 6.5, when 2FA is enabled, allows a remote unauthenticated attacker to ascertain whether a user exists on the server, because the 2FA error page only occurs after a valid username is entered. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Max CVSS
5.3
EPSS Score
0.16%
Published
2020-06-11
Updated
2024-03-21
Citrix Gateway 11.1, 12.0, and 12.1 allows Cache Poisoning. NOTE: Citrix disputes this as not a vulnerability. By default, Citrix ADC only caches static content served under certain URL paths for Citrix Gateway usage. No dynamic content is served under these paths, which implies that those cached pages would not change based on parameter values. All other data traffic going through Citrix Gateway are NOT cached by default
Max CVSS
5.8
EPSS Score
0.13%
Published
2020-03-06
Updated
2024-03-21
Citrix Gateway 11.1, 12.0, and 12.1 allows Information Exposure Through Caching. NOTE: Citrix disputes this as not a vulnerability. There is no sensitive information disclosure through the cache headers on Citrix ADC. The "Via" header lists cache protocols and recipients between the start and end points for a request or a response. The "Age" header provides the age of the cached response in seconds. Both headers are commonly used for proxy cache and the information is not sensitive
Max CVSS
5.3
EPSS Score
1.24%
Published
2020-03-06
Updated
2024-03-21
Citrix Secure Mail for Android before 20.11.0 suffers from improper access control allowing unauthenticated access to read limited calendar related data stored within Secure Mail. Note that a malicious app would need to be installed on the Android device or a threat actor would need to execute arbitrary code on the Android device.
Max CVSS
4.3
EPSS Score
0.09%
Published
2021-01-06
Updated
2021-01-12

CVE-2020-8196

Known exploited
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.
Max CVSS
4.3
EPSS Score
0.26%
Published
2020-07-10
Updated
2022-09-20
CISA KEV Added
2021-11-03
Citrix SD-WAN 10.2.x before 10.2.6 and 11.0.x before 11.0.3 has Missing SSL Certificate Validation.
Max CVSS
5.9
EPSS Score
0.12%
Published
2020-03-16
Updated
2020-03-20
Citrix SD-WAN 10.2.x before 10.2.1 and NetScaler SD-WAN 10.0.x before 10.0.7 have Improper Certificate Validation.
Max CVSS
5.9
EPSS Score
0.12%
Published
2019-05-08
Updated
2019-05-09
Citrix ShareFile before 19.23 allows a downgrade from two-factor authentication to one-factor authentication. An attacker with access to the offline victim's otp physical token or virtual app (like google authenticator) is able to bypass the first authentication phase (username/password mechanism) and log-in using username/otp combination only (phase 2 of 2FA).
Max CVSS
5.9
EPSS Score
0.10%
Published
2019-05-13
Updated
2019-07-09
Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 and Application Delivery Controller (ADC) 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 allow remote attackers to obtain sensitive plaintext information because of a TLS Padding Oracle Vulnerability when CBC-based cipher suites are enabled.
Max CVSS
5.9
EPSS Score
0.33%
Published
2019-02-22
Updated
2020-08-24
An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of an incorrect CVE-2017-5754 (aka Meltdown) mitigation.
Max CVSS
5.6
EPSS Score
0.06%
Published
2018-12-08
Updated
2019-10-03
Citrix NetScaler Gateway 10.5.x before 10.5.69.003, 11.1.x before 11.1.59.004, 12.0.x before 12.0.58.7, and 12.1.x before 12.1.49.1 has XSS.
Max CVSS
4.8
EPSS Score
0.07%
Published
2018-10-24
Updated
2018-12-06
Citrix ShareFile StorageZones Controller before 5.4.2 has Information Exposure Through an Error Message.
Max CVSS
4.3
EPSS Score
0.05%
Published
2018-09-26
Updated
2018-11-23
System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.
Max CVSS
5.6
EPSS Score
0.08%
Published
2018-06-21
Updated
2021-06-09
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.1 before build 56.19, and 12.0 before build 53.22 allow remote attackers to obtain sensitive information from the backend client TLS handshake by leveraging use of TLS with Client Certificates and a Diffie-Hellman Ephemeral (DHE) key exchange.
Max CVSS
5.9
EPSS Score
0.12%
Published
2017-12-13
Updated
2018-01-05

CVE-2017-17382

Public exploit
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.1 before build 56.19, and 12.0 before build 53.22 might allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack.
Max CVSS
5.9
EPSS Score
0.30%
Published
2017-12-13
Updated
2019-10-03
Citrix NetScaler ADC and NetScaler Gateway 10.5 before Build 65.11, 11.0 before Build 69.12/69.123, and 11.1 before Build 51.21 randomly generates GCM nonces, which makes it marginally easier for remote attackers to obtain the GCM authentication key and spoof data by leveraging a reused nonce in a session and a "forbidden attack," a similar issue to CVE-2016-0270.
Max CVSS
5.9
EPSS Score
0.12%
Published
2017-02-08
Updated
2017-03-14
An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated read-only administrator can cancel tasks of other administrators.
Max CVSS
4.9
EPSS Score
0.07%
Published
2017-01-30
Updated
2019-10-03
VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging a missing NULL pointer check.
Max CVSS
5.5
EPSS Score
0.06%
Published
2017-01-26
Updated
2017-01-27
Citrix Provisioning Services before 7.12 allows attackers to obtain sensitive kernel address information via unspecified vectors.
Max CVSS
5.3
EPSS Score
0.12%
Published
2017-01-18
Updated
2017-01-23
Citrix XenMobile Server before 10.5.0.24 allows man-in-the-middle attackers to trigger HTTP 302 redirections via vectors involving the HTTP Host header and a cached page. NOTE: the vendor reports "our internal analysis of this issue concluded that this was not a valid vulnerability" because an exploitation scenario would involve a man-in-the-middle attack against a TLS session
Max CVSS
5.3
EPSS Score
0.10%
Published
2017-05-05
Updated
2024-03-21
Citrix Worx Home for iOS before 10.3.6 and XenMobile MDX Toolkit for iOS before 10.3.6 might allow physically proximate attackers to bypass in-application Apple Touch ID authentication via unspecified vectors, related to an application requiring re-authentication.
Max CVSS
4.3
EPSS Score
0.04%
Published
2016-07-13
Updated
2016-07-14
87 vulnerabilities found
1 2 3 4
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!