Vulnerabilities > Citrix
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-17 | CVE-2020-8212 | Incorrect Authorization vulnerability in Citrix Xenmobile Server Improper access control in Citrix XenMobile Server 10.12 before RP3, Citrix XenMobile Server 10.11 before RP6, Citrix XenMobile Server 10.10 RP6 and Citrix XenMobile Server before 10.9 RP5 allows access to privileged functionality. | 9.8 |
| 2020-08-17 | CVE-2020-8211 | SQL Injection vulnerability in Citrix Xenmobile Server Improper input validation in Citrix XenMobile Server 10.12 before RP3, Citrix XenMobile Server 10.11 before RP6, Citrix XenMobile Server 10.10 RP6 and Citrix XenMobile Server before 10.9 RP5 allows SQL Injection. | 9.8 |
| 2020-08-17 | CVE-2020-8210 | Insufficiently Protected Credentials vulnerability in Citrix Xenmobile Server Insufficient protection of secrets in Citrix XenMobile Server 10.12 before RP3, Citrix XenMobile Server 10.11 before RP6, Citrix XenMobile Server 10.10 RP6 and Citrix XenMobile Server before 10.9 RP5 discloses credentials of a service account. | 7.5 |
| 2020-08-17 | CVE-2020-8209 | Path Traversal vulnerability in Citrix Xenmobile Server Improper access control in Citrix XenMobile Server 10.12 before RP2, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.10 before RP6 and Citrix XenMobile Server before 10.9 RP5 and leads to the ability to read arbitrary files. | 7.5 |
| 2020-08-17 | CVE-2020-8208 | Cross-site Scripting vulnerability in Citrix Xenmobile Server Improper input validation in Citrix XenMobile Server 10.12 before RP1, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.11 before RP6 and Citrix XenMobile Server before 10.9 RP5 allows Cross-Site Scripting (XSS). | 6.1 |
| 2020-07-24 | CVE-2020-8207 | Improper Authentication vulnerability in Citrix Workspace 1912/2002 Improper access control in Citrix Workspace app for Windows 1912 CU1 and 2006.1 causes privilege escalation and code execution when the automatic updater service is running. | 8.8 |
| 2020-07-10 | CVE-2020-8199 | Unspecified vulnerability in Citrix Gateway Plug-In for Linux Improper access control in Citrix ADC Gateway Linux client versions before 1.0.0.137 results in local privilege escalation to root. | 7.8 |
| 2020-07-10 | CVE-2020-8198 | Cross-site Scripting vulnerability in Citrix products Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in Stored Cross-Site Scripting (XSS). | 6.1 |
| 2020-07-10 | CVE-2020-8197 | Unspecified vulnerability in Citrix products Privilege escalation vulnerability on Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows a low privileged user with management access to execute arbitrary commands. | 8.8 |
| 2020-07-10 | CVE-2020-8196 | Improper Authentication vulnerability in Citrix products Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users. | 4.3 |