PT-2018-10026 · Citrix · Citrix Xenmobile Server

Publicado

2018-05-23

Atualizado

2018-06-25

CVE-2018-10648

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Citrix XenMobile Server versions 10.7 before RP3 Citrix XenMobile Server versions 10.8 before RP2

Description The issue concerns unauthenticated file upload vulnerabilities.

Recommendations For Citrix XenMobile Server version 10.7 before RP3, update to a version that includes RP3 or later to resolve the issue. For Citrix XenMobile Server version 10.8 before RP2, update to a version that includes RP2 or later to resolve the issue.

Correção

Unrestricted File Upload

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-434

Identificadores relacionados

CVE-2018-10648

Produtos afetados

Citrix Xenmobile Server

PT-2018-10026 · Citrix · Citrix Xenmobile Server

CVE-2018-10648

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3