Vulnerabilities > Citrix > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-10 | CVE-2020-8190 | Improper Preservation of Permissions vulnerability in Citrix products Incorrect file permissions in Citrix ADC and Citrix Gateway before versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows privilege escalation. | 6.0 |
| 2020-07-10 | CVE-2020-8187 | Improper Input Validation vulnerability in Citrix products Improper input validation in Citrix ADC and Citrix Gateway versions before 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform a denial of service attack. | 5.0 |
| 2020-06-11 | CVE-2020-13998 | Information Exposure Through Discrepancy vulnerability in Citrix Xenapp 6.5.0.0 Citrix XenApp 6.5, when 2FA is enabled, allows a remote unauthenticated attacker to ascertain whether a user exists on the server, because the 2FA error page only occurs after a valid username is entered. | 5.3 |
| 2020-05-07 | CVE-2020-8983 | Path Traversal vulnerability in Citrix Sharefile Storagezones Controller An arbitrary file write issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, which allows remote code execution. | 5.0 |
| 2020-05-07 | CVE-2020-8982 | Path Traversal vulnerability in Citrix Sharefile Storagezones Controller An unauthenticated arbitrary file read issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020. | 5.0 |
| 2020-05-07 | CVE-2020-7473 | Path Traversal vulnerability in Citrix Sharefile Storagezones Controller In certain situations, all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, allow unauthenticated attackers to access the documents and folders of ShareFile users. | 5.0 |
| 2020-03-16 | CVE-2020-6175 | Improper Certificate Validation vulnerability in Citrix Sd-Wan Center and Netscaler Sd-Wan Center Citrix SD-WAN 10.2.x before 10.2.6 and 11.0.x before 11.0.3 has Missing SSL Certificate Validation. | 4.3 |
| 2020-03-10 | CVE-2019-11345 | Cross-site Scripting vulnerability in Citrix Sd-Wan Center and Netscaler Sd-Wan Center Citrix SD-WAN Center 10.2.x before 10.2.1 and NetScaler SD-WAN Center 10.0.x before 10.0.7 allow XSS. | 4.3 |
| 2020-03-06 | CVE-2020-10112 | HTTP Request Smuggling vulnerability in Citrix Gateway Firmware 11.1/12.0/12.1 Citrix Gateway 11.1, 12.0, and 12.1 allows Cache Poisoning. | 5.4 |
| 2020-03-06 | CVE-2020-10110 | Unspecified vulnerability in Citrix Gateway Firmware 11.1/12.0/12.1 Citrix Gateway 11.1, 12.0, and 12.1 allows Information Exposure Through Caching. | 5.3 |