Vulnerabilities > Citrix > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-08-17 CVE-2020-8212 Incorrect Authorization vulnerability in Citrix Xenmobile Server
Improper access control in Citrix XenMobile Server 10.12 before RP3, Citrix XenMobile Server 10.11 before RP6, Citrix XenMobile Server 10.10 RP6 and Citrix XenMobile Server before 10.9 RP5 allows access to privileged functionality.
network
low complexity
citrix CWE-863
critical
 9.8
9.8
2020-08-17 CVE-2020-8211 SQL Injection vulnerability in Citrix Xenmobile Server
Improper input validation in Citrix XenMobile Server 10.12 before RP3, Citrix XenMobile Server 10.11 before RP6, Citrix XenMobile Server 10.10 RP6 and Citrix XenMobile Server before 10.9 RP5 allows SQL Injection.
network
low complexity
citrix CWE-89
critical
 9.8
9.8
2019-12-27 CVE-2019-19781 Path Traversal vulnerability in Citrix products
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0.
network
low complexity
citrix CWE-22
critical
 9.8
9.8
2019-10-21 CVE-2019-18225 Unspecified vulnerability in Citrix products
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway before 10.5 build 70.8, 11.x before 11.1 build 63.9, 12.0 before build 62.10, 12.1 before build 54.16, and 13.0 before build 41.28.
network
low complexity
citrix
critical
 9.8
9.8
2019-07-16 CVE-2019-12990 Path Traversal vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow Directory Traversal.
network
low complexity
citrix CWE-22
critical
 9.8
9.8
2019-07-16 CVE-2019-12989 SQL Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection.
network
low complexity
citrix CWE-89
critical
 9.8
9.8
2019-07-16 CVE-2019-12988 OS Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 4 of 6).
network
low complexity
citrix CWE-78
critical
 9.8
9.8
2019-07-16 CVE-2019-12987 OS Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 3 of 6).
network
low complexity
citrix CWE-78
critical
 9.8
9.8
2019-07-16 CVE-2019-12986 OS Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 2 of 6).
network
low complexity
citrix CWE-78
critical
 9.8
9.8
2019-07-16 CVE-2019-12985 OS Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 1 of 6).
network
low complexity
citrix CWE-78
critical
 9.8
9.8