Security News > 2020 > May > Warning: Citrix ShareFile Flaw Could Let Attackers Steal Corporate Secrets

Since the past few weeks, software giant Citrix has privately been rolling out a critical software update to its enterprise customers that patches multiple security vulnerabilities affecting Citrix ShareFile content collaboration platform.

The newly identified security issues specifically affect customer-managed on-premises Citrix ShareFile storage zone controllers, a component that stores corporate data behind the firewall.

List of Affected and Patched Citrix ShareFile Versions If your company uses on-premises ShareFile storage zones controller versions 5.9.0 / 5.8.0 /5.7.0/ 5.6.0 / 5.5.0 and earlier, you are affected and recommended to immediately upgrade your platform to Storage zones controller 5.10.0 / 5.9.1 / 5.8.1 or later.

Where the Flaw Resides? At the time of writing, though not much technical details on the underlying vulnerabilities are available, an initial patch inspection by Dimitri reveals that at least one of the flaws could have resided in an old ASP.net Toolkit that Citrix Sharefile used.

To check if Citrix ShareFile implementation is affected or not, one can visit the following URL in the browser, and if the page returns blank, it's vulnerable, and if it through 404 error, it's either not flawed or has already been patched.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/HDQcKEZu3TQ/citrix-sharefile-vulnerability.html