PT-2020-20061 · Citrix · Citrix Xenmobile Server

Published

2020-09-18

Updated

2020-10-01

CVE-2020-8253

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Citrix XenMobile Server versions prior to 10.9 RP5 Citrix XenMobile Server 10.10 before RP6 Citrix XenMobile Server 10.11 before RP4 Citrix XenMobile Server 10.12 before RP2

Description The issue is related to improper authentication, which allows unauthorized access to sensitive files.

Recommendations For Citrix XenMobile Server versions prior to 10.9 RP5, update to version 10.9 RP5 or later. For Citrix XenMobile Server 10.10 before RP6, update to RP6 or later. For Citrix XenMobile Server 10.11 before RP4, update to RP4 or later. For Citrix XenMobile Server 10.12 before RP2, update to RP2 or later.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2020-8253

Affected Products

Citrix Xenmobile Server

PT-2020-20061 · Citrix · Citrix Xenmobile Server

CVE-2020-8253

Weakness Enumeration

Related Identifiers

Affected Products

References · 3