Vulnerabilities > Citrix > Xenapp > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-11 | CVE-2020-13998 | Information Exposure Through Discrepancy vulnerability in Citrix Xenapp 6.5.0.0 Citrix XenApp 6.5, when 2FA is enabled, allows a remote unauthenticated attacker to ascertain whether a user exists on the server, because the 2FA error page only occurs after a valid username is entered. | 5.3 |
| 2016-06-01 | CVE-2016-4810 | Improper Access Control vulnerability in Citrix Xenapp and Xendesktop Citrix Studio before 7.6.1000, Citrix XenDesktop 7.x before 7.6 LTSR Cumulative Update 1 (CU1), and Citrix XenApp 7.5 and 7.6 allow attackers to set Access Policy rules on the XenDesktop Delivery Controller via unspecified vectors. | 5.0 |
| 2008-10-22 | CVE-2008-4676 | Permissions, Privileges, and Access Controls vulnerability in Citrix Access Essentials, Presentation Server and Xenapp Unspecified vulnerability in Citrix XenApp (formerly Presentation Server) 4.5 Feature Pack 1 and earlier, Presentation Server 4.0, and Access Essentials 1.0, 1.5, and 2.0 allows local users to gain privileges via unknown attack vectors related to creating an unspecified file. | 6.8 |