CVE-2021-44519 : In Citrix XenMobile Server through 10.12 RP9, there is an Authenticated Director

In Citrix XenMobile Server through 10.12 RP9, there is an Authenticated Directory Traversal vulnerability, leading to remote code execution.

Published 2022-04-19 16:17:09

Updated 2022-12-02 22:41:25

Source MITRE

View at NVD, CVE.org

Vulnerability category: Directory traversalExecute code

Products affected by CVE-2021-44519

Citrix » Xenmobile Server » Version: 10.13.0
cpe:2.3:a:citrix:xenmobile_server:10.13.0:-:*:*:*:*:*:*
Matching versions
Citrix » Xenmobile Server » Version: 10.13.0 Update Rolling Patch 3
cpe:2.3:a:citrix:xenmobile_server:10.13.0:rolling_patch_3:*:*:*:*:*:*
Matching versions
Citrix » Xenmobile Server » Version: 10.13.0 Update Rolling Patch 4
cpe:2.3:a:citrix:xenmobile_server:10.13.0:rolling_patch_4:*:*:*:*:*:*
Matching versions
Citrix » Xenmobile Server » Version: 10.13.0 Update Rolling Patch 5
cpe:2.3:a:citrix:xenmobile_server:10.13.0:rolling_patch_5:*:*:*:*:*:*
Matching versions
Citrix » Xenmobile Server » Version: 10.13.0 Update Rolling Patch 6
cpe:2.3:a:citrix:xenmobile_server:10.13.0:rolling_patch_6:*:*:*:*:*:*
Matching versions
Citrix » Xenmobile Server » Version: 10.14.0
cpe:2.3:a:citrix:xenmobile_server:10.14.0:-:*:*:*:*:*:*
Matching versions
Citrix » Xenmobile Server » Version: 10.14.0 Update Rolling Patch 1
cpe:2.3:a:citrix:xenmobile_server:10.14.0:rolling_patch_1:*:*:*:*:*:*
Matching versions
Citrix » Xenmobile Server » Version: 10.14.0 Update Rolling Patch 2
cpe:2.3:a:citrix:xenmobile_server:10.14.0:rolling_patch_2:*:*:*:*:*:*
Matching versions
Citrix » Xenmobile Server » Version: 10.14.0 Update Rolling Patch 3
cpe:2.3:a:citrix:xenmobile_server:10.14.0:rolling_patch_3:*:*:*:*:*:*
Matching versions

EPSS FAQ

0.58%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 68 %

Percentile, the proportion of vulnerabilities that are scored at or less

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.0	MEDIUM	AV:N/AC:M/Au:S/C:P/I:P/A:P	6.8	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: Single Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	2.8	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Assigned by: nvd@nist.gov (Primary)

https://www.chtsecurity.com/news/09be10ae-b50e-46c9-8ce7-2e995fd988fe

CHT Security Red Team Discovered Vulnerabilities in Well-Known Endpoint Management System｜中華資安國際 CHT Security Co., Ltd.
Third Party Advisory

CVEs referencing this url
https://gist.github.com/tree-chtsec/30932b9c94b8c7e4209d22b8b52d597f

gist.txt · GitHub
Third Party Advisory
https://support.citrix.com/article/CTX370551

Citrix Endpoint Management (XenMobile Server) Security Bulletin for CVE-2021-44519, CVE-2021-44520, and CVE-2022-26151
Vendor Advisory

CVEs referencing this url
https://docs.citrix.com/en-us/xenmobile/server/document-history.html

Citrix XenMobile Server Document History | XenMobile Server Current Release
Vendor Advisory

CVEs referencing this url

Jump to