Vulnerabilities > Citrix
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-07 | CVE-2020-8982 | Path Traversal vulnerability in Citrix Sharefile Storagezones Controller An unauthenticated arbitrary file read issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020. | 7.5 |
| 2020-05-07 | CVE-2020-7473 | Path Traversal vulnerability in Citrix Sharefile Storagezones Controller In certain situations, all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, allow unauthenticated attackers to access the documents and folders of ShareFile users. | 7.5 |
| 2020-03-16 | CVE-2020-6175 | Improper Certificate Validation vulnerability in Citrix Sd-Wan Center and Netscaler Sd-Wan Center Citrix SD-WAN 10.2.x before 10.2.6 and 11.0.x before 11.0.3 has Missing SSL Certificate Validation. | 5.9 |
| 2020-03-10 | CVE-2019-11345 | Cross-site Scripting vulnerability in Citrix Sd-Wan Center and Netscaler Sd-Wan Center Citrix SD-WAN Center 10.2.x before 10.2.1 and NetScaler SD-WAN Center 10.0.x before 10.0.7 allow XSS. | 6.1 |
| 2020-03-06 | CVE-2020-10112 | HTTP Request Smuggling vulnerability in Citrix Gateway Firmware 11.1/12.0/12.1 Citrix Gateway 11.1, 12.0, and 12.1 allows Cache Poisoning. | 5.4 |
| 2020-03-06 | CVE-2020-10111 | HTTP Request Smuggling vulnerability in Citrix Gateway Firmware 11.1/12.0/12.1 Citrix Gateway 11.1, 12.0, and 12.1 has an Inconsistent Interpretation of HTTP Requests. | 7.5 |
| 2020-03-06 | CVE-2020-10110 | Unspecified vulnerability in Citrix Gateway Firmware 11.1/12.0/12.1 Citrix Gateway 11.1, 12.0, and 12.1 allows Information Exposure Through Caching. | 5.3 |
| 2020-01-23 | CVE-2012-4606 | Improper Privilege Management vulnerability in Citrix Xenserver Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privileges. | 7.8 |
| 2020-01-10 | CVE-2012-4603 | Improper Input Validation vulnerability in Citrix Receiver and Xenapp Online Citrix XenApp Online Plug-in for Windows 12.1 and earlier, and Citrix Receiver for Windows 3.2 and earlier could allow remote attackers to execute arbitrary code by convincing a target to open a specially crafted file from an SMB or WebDAV fileserver. | 7.8 |
| 2020-01-02 | CVE-2013-3620 | Insufficiently Protected Credentials vulnerability in multiple products Hardcoded WSMan credentials in Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before 3.15 (SMT_X9_315) and firmware for Supermicro X8 generation motherboards before SMT X8 312. | 7.5 |