CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Citrix : Security Vulnerabilities (CVSS score between 5 and 5.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2020-10112 444 2020-03-06 2020-03-18
5.8
None Remote Medium Not required Partial Partial None
** DISPUTED ** Citrix Gateway 11.1, 12.0, and 12.1 allows Cache Poisoning. NOTE: Citrix disputes this as not a vulnerability. By default, Citrix ADC only caches static content served under certain URL paths for Citrix Gateway usage. No dynamic content is served under these paths, which implies that those cached pages would not change based on parameter values. All other data traffic going through Citrix Gateway are NOT cached by default.
2 CVE-2020-10111 444 2020-03-06 2020-03-18
5.0
None Remote Low Not required None Partial None
** DISPUTED ** Citrix Gateway 11.1, 12.0, and 12.1 has an Inconsistent Interpretation of HTTP Requests. NOTE: Citrix disputes the reported behavior as not a security issue. Citrix ADC only caches HTTP/1.1 traffic for performance optimization.
3 CVE-2020-10110 668 2020-03-06 2020-03-18
5.0
None Remote Low Not required Partial None None
** DISPUTED ** Citrix Gateway 11.1, 12.0, and 12.1 allows Information Exposure Through Caching. NOTE: Citrix disputes this as not a vulnerability. There is no sensitive information disclosure through the cache headers on Citrix ADC. The "Via" header lists cache protocols and recipients between the start and end points for a request or a response. The "Age" header provides the age of the cached response in seconds. Both headers are commonly used for proxy cache and the information is not sensitive.
4 CVE-2020-8983 22 Exec Code Dir. Trav. 2020-05-07 2020-05-15
5.0
None Remote Low Not required Partial None None
An arbitrary file write issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, which allows remote code execution. RCE and file access is granted to everything hosted by ShareFile, be it on-premise or inside Citrix Cloud itself (both are internet facing). NOTE: unlike most CVEs, exploitability depends on the product version that was in use when a particular setup step was performed, NOT the product version that is in use during a current assessment of a CVE consumer's product inventory. Specifically, the vulnerability can be exploited if a storage zone was created by one of these product versions: 5.9.0, 5.8.0, 5.7.0, 5.6.0, 5.5.0, or earlier. This CVE differs from CVE-2020-7473 and CVE-2020-8982.
5 CVE-2020-8982 22 Dir. Trav. 2020-05-07 2020-05-15
5.0
None Remote Low Not required Partial None None
An unauthenticated arbitrary file read issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020. RCE and file access is granted to everything hosted by ShareFile, be it on-premise or inside Citrix Cloud itself (both are internet facing). NOTE: unlike most CVEs, exploitability depends on the product version that was in use when a particular setup step was performed, NOT the product version that is in use during a current assessment of a CVE consumer's product inventory. Specifically, the vulnerability can be exploited if a storage zone was created by one of these product versions: 5.9.0, 5.8.0, 5.7.0, 5.6.0, 5.5.0, or earlier. This CVE differs from CVE-2020-7473 and CVE-2020-8983.
6 CVE-2020-8272 287 Bypass 2020-11-16 2020-11-30
5.0
None Remote Low Not required None Partial None
Authentication Bypass resulting in exposure of SD-WAN functionality in Citrix SD-WAN Center versions before 11.2.2, 11.1.2b and 10.2.8
7 CVE-2020-8258 269 2020-12-14 2020-12-16
5.0
None Remote Low Not required None Partial None
Improper privilege management on services run by Citrix Gateway Plug-in for Windows, versions before and including 13.0-61.48 and 12.1-58.15, allows an attacker to modify arbitrary files.
8 CVE-2020-8253 287 2020-09-18 2020-10-01
5.0
None Remote Low Not required Partial None None
Improper authentication in Citrix XenMobile Server 10.12 before RP2, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.10 before RP6 and Citrix XenMobile Server before 10.9 RP5 leads to the ability to access sensitive files.
9 CVE-2020-8246 400 DoS 2020-09-18 2020-10-07
5.0
None Remote Low Not required None None Partial
Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-WAN WANOP 11.1 before 11.1.2a, Citrix SD-WAN WANOP 11.0 before 11.0.3f, Citrix SD-WAN WANOP 10.2 before 10.2.7b are vulnerable to a denial of service attack originating from the management network.
10 CVE-2020-8210 522 2020-08-17 2020-08-20
5.0
None Remote Low Not required Partial None None
Insufficient protection of secrets in Citrix XenMobile Server 10.12 before RP3, Citrix XenMobile Server 10.11 before RP6, Citrix XenMobile Server 10.10 RP6 and Citrix XenMobile Server before 10.9 RP5 discloses credentials of a service account.
11 CVE-2020-8209 22 Dir. Trav. 2020-08-17 2020-08-20
5.0
None Remote Low Not required Partial None None
Improper access control in Citrix XenMobile Server 10.12 before RP2, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.10 before RP6 and Citrix XenMobile Server before 10.9 RP5 and leads to the ability to read arbitrary files.
12 CVE-2020-7473 22 Dir. Trav. 2020-05-07 2020-05-12
5.0
None Remote Low Not required Partial None None
In certain situations, all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, allow unauthenticated attackers to access the documents and folders of ShareFile users. NOTE: unlike most CVEs, exploitability depends on the product version that was in use when a particular setup step was performed, NOT the product version that is in use during a current assessment of a CVE consumer's product inventory. Specifically, the vulnerability can be exploited if a storage zone was created by one of these product versions: 5.9.0, 5.8.0, 5.7.0, 5.6.0, 5.5.0, or earlier. This CVE differs from CVE-2020-8982 and CVE-2020-8983 but has essentially the same risk.
13 CVE-2019-13608 611 2019-08-29 2019-09-04
5.0
None Remote Low Not required Partial None None
Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 (3.12.4000), and 7.6 LTSR before CU8 (3.0.8000) allows XXE attacks.
14 CVE-2019-7217 203 2019-05-13 2020-08-24
5.0
None Remote Low Not required Partial None None
Citrix ShareFile before 19.12 allows User Enumeration. It is possible to enumerate application username based on different server responses using the request to check the otp code. No authentication is required.
15 CVE-2018-17447 532 2018-10-23 2018-12-17
5.0
None Remote Low Not required Partial None None
An Information Exposure Through Log Files issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
16 CVE-2018-17444 22 Dir. Trav. 2018-10-23 2018-12-04
5.0
None Remote Low Not required Partial None None
A Directory Traversal issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
17 CVE-2018-10652 200 +Info 2018-05-23 2018-06-25
5.0
None Remote Low Not required Partial None None
There is a Sensitive Data Leakage issue in Citrix XenMobile Server 10.7 before RP3.
18 CVE-2018-10651 601 2018-05-23 2018-06-25
5.8
None Remote Medium Not required Partial Partial None
There are Open Redirect Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.
19 CVE-2018-5314 287 Exec Code 2018-03-01 2019-10-03
5.0
None Remote Low Not required Partial None None
Command injection vulnerability in Citrix NetScaler ADC and NetScaler Gateway 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13; and the NetScaler Load Balancing instance distributed with NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edition 9.3.0 allows remote attackers to execute a system command or read arbitrary files via an SSH login prompt.
20 CVE-2017-9231 611 +Info 2017-06-16 2017-07-07
5.0
None Remote Low Not required Partial None None
XML external entity (XXE) vulnerability in Citrix XenMobile Server 9.x and 10.x before 10.5 RP3 allows attackers to obtain sensitive information via unspecified vectors.
21 CVE-2017-5572 269 2017-01-30 2019-10-03
5.5
None Remote Low ??? None Partial Partial
An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated read-only administrator can corrupt the host database.
22 CVE-2016-9680 200 +Info 2017-01-18 2017-01-23
5.0
None Remote Low Not required Partial None None
Citrix Provisioning Services before 7.12 allows attackers to obtain sensitive information from kernel memory via unspecified vectors.
23 CVE-2016-9677 200 +Info 2017-01-18 2017-01-23
5.0
None Remote Low Not required Partial None None
Citrix Provisioning Services before 7.12 allows attackers to obtain sensitive kernel address information via unspecified vectors.
24 CVE-2016-6273 DoS 2016-10-07 2017-07-29
5.0
None Remote Low Not required None None Partial
The lmadmin component in Flexera FlexNet Publisher (aka Flex License Manager) before 2015 SP5 and 2016 before R1 SP1, as used by Citrix License Server for Windows before 11.14.0.1 and Citrix License Server VPX before 11.14.0.1, allows remote attackers to cause a denial of service (crash) via a type 2F packet with a '01 19' opcode.
25 CVE-2016-5433 310 2016-06-17 2016-06-20
5.8
None Remote Medium Not required Partial Partial None
Citrix iOS Receiver before 7.0 allows attackers to cause TLS certificates to be incorrectly validated via unspecified vectors.
26 CVE-2016-4810 284 2016-06-01 2016-11-30
5.0
None Remote Low Not required None Partial None
Citrix Studio before 7.6.1000, Citrix XenDesktop 7.x before 7.6 LTSR Cumulative Update 1 (CU1), and Citrix XenApp 7.5 and 7.6 allow attackers to set Access Policy rules on the XenDesktop Delivery Controller via unspecified vectors.
27 CVE-2015-8555 200 +Info 2016-04-13 2017-07-01
5.0
None Remote Low Not required Partial None None
Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains to obtain sensitive information from other domains via unspecified vectors.
28 CVE-2015-7998 200 +Info 2015-11-17 2016-12-07
5.0
None Remote Low Not required Partial None None
The administration UI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allows attackers to obtain sensitive information via unspecified vectors.
29 CVE-2015-7996 200 +Info 2015-11-17 2016-12-07
5.0
None Remote Low Not required Partial None None
The Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allow attackers to obtain credentials via the browser cache.
30 CVE-2015-7704 20 DoS 2017-08-07 2020-06-18
5.0
None Remote Low Not required None None Partial
The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.
31 CVE-2015-2841 284 Bypass 2015-04-03 2016-12-03
5.0
None Remote Low Not required None Partial None
Citrix NetScaler AppFirewall, as used in NetScaler 10.5, allows remote attackers to bypass intended firewall restrictions via a crafted Content-Type header, as demonstrated by the application/octet-stream and text/xml Content-Types.
32 CVE-2015-2682 17 2015-03-26 2019-02-05
5.0
None Remote Low Not required Partial None None
Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 allows remote attackers to obtain credentials via a direct request to conf/securitydbData.xml.
33 CVE-2014-8495 310 +Info 2014-10-31 2017-09-08
5.0
None Remote Low Not required Partial None None
Citrix XenMobile MDX Toolkit before 9.0.4, when used to wrap iOS 8 applications, does not properly encrypt cached application data, which allows context-dependent attackers to obtain sensitive information by reading the cache.
34 CVE-2014-1910 310 +Info 2014-02-21 2015-11-04
5.8
None Remote Medium Not required Partial Partial None
Citrix ShareFile Mobile and ShareFile Mobile for Tablets before 2.4.4 for Android do not verify X.509 certificates from SSL servers, which allow man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
35 CVE-2014-1664 200 +Info 2014-01-26 2018-10-09
5.0
None Remote Low Not required Partial None None
The Citrix GoToMeeting application 5.0.799.1238 for Android logs HTTP requests containing sensitive information, which allows attackers to obtain user IDs, meeting details, and authentication tokens via an application that reads the system log file.
36 CVE-2014-1663 +Info 2014-02-06 2018-01-03
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in Citrix XenMobile Device Manager server (formerly Zenprise Device Manager server) 8.5, 8.6, and MDM 8.0.1 allows remote attackers to obtain sensitive information via unknown vectors.
37 CVE-2013-6943 94 2014-03-11 2014-03-11
5.0
None Remote Low Not required None Partial None
Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows remote attackers to conduct an LDAP injection attack via vectors related to SSH and Web management usernames.
38 CVE-2013-6940 255 +Info 2014-03-11 2014-03-11
5.0
None Remote Low Not required Partial None None
Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 logs user credentials, which allows attackers to obtain sensitive information via unspecified vectors.
39 CVE-2013-6939 DoS 2014-03-11 2014-03-11
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows attackers to cause a denial of service via unknown vectors, related to "RADIUS authentication."
40 CVE-2013-6938 DoS 2014-03-11 2014-03-11
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the Service VM in Citrix NetScaler SDX 9.3 before 9.3-64.4 and 10.0 before 10.0-77.5 and Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows attackers to cause a denial of service via unknown vectors, related to the "Virtual Machine Daemon."
41 CVE-2013-6077 264 Bypass 2013-11-05 2013-11-07
5.8
None Remote Medium Not required Partial Partial None
Citrix XenDesktop 7.0, when upgraded from XenDesktop 5.x, does not properly enforce policy rule permissions, which allows remote attackers to bypass intended restrictions.
42 CVE-2013-2758 310 2014-05-23 2017-08-29
5.0
None Remote Low Not required None Partial None
Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C uses a hash of a predictable sequence, which makes it easier for remote attackers to guess the console access URL via a brute force attack.
43 CVE-2013-2756 287 Bypass 2014-05-23 2017-08-29
5.0
None Remote Low Not required None Partial None
Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C allows remote attackers to bypass the console proxy authentication by leveraging knowledge of the source code.
44 CVE-2013-2263 264 2013-03-19 2017-08-29
5.0
None Remote Low Not required None Partial None
Unspecified vulnerability in Citrix Access Gateway Standard Edition 5.0.x before 5.0.4.223524 allows remote attackers to access network resources via unknown attack vectors.
45 CVE-2012-6314 2012-12-26 2017-08-29
5.0
None Remote Low Not required None Partial None
Citrix XenDesktop Virtual Desktop Agent (VDA) 5.6.x before 5.6.200, when making changes to the server-side policy that control USB redirection, does not propagate changes to the VDA, which allows authenticated users to retain access to the USB device.
46 CVE-2012-3498 20 DoS 2012-11-23 2017-08-29
5.6
None Local Low Not required Partial None Complete
PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and earlier allows local HVM guest OS kernels to cause a denial of service (host crash) and possibly read hypervisor or guest memory via vectors related to a missing range check of map->index.
47 CVE-2009-3936 310 Bypass 2009-11-13 2017-08-17
5.8
None Remote Medium Not required None Partial Partial
Unspecified vulnerability in Citrix Online Plug-in for Windows 11.0.x before 11.0.150 and 11.x before 11.2, Online Plug-in for Mac before 11.0, Receiver for iPhone before 1.0.3, and ICA Java, Mac, UNIX, and Windows Clients for XenApp and XenDesktop allows remote attackers to impersonate the SSL/TLS server and bypass authentication via a crafted certificate, a different vulnerability than CVE-2009-3555.
48 CVE-2009-2214 399 DoS 2009-06-25 2017-08-17
5.0
None Remote Low Not required None None Partial
The Secure Gateway service in Citrix Secure Gateway 3.1 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an unspecified request.
49 CVE-2008-2299 310 Bypass 2008-05-18 2017-08-08
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in SecureICA and ICA Basic encryption of Citrix Presentation Server 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 can cause clients to use weaker encryption settings than configured by the administrator, which might allow attackers to bypass intended restrictions.
50 CVE-2007-6193 200 +Info 2007-11-30 2018-10-15
5.0
None Remote Low Not required Partial None None
The web management interface in Citrix NetScaler 8.0 build 47.8 stores the device's primary IP address in a cookie, which might allow remote attackers to obtain sensitive network configuration information if this address is not the same as the address being used by the web interface.
Total number of vulnerabilities : 60   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.