Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-18	CVE-2020-8253	Improper Authentication vulnerability in Citrix Xenmobile Server Improper authentication in Citrix XenMobile Server 10.12 before RP2, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.10 before RP6 and Citrix XenMobile Server before 10.9 RP5 leads to the ability to access sensitive files. network low complexity citrix CWE-287	5.0
2020-08-17	CVE-2020-8210	Insufficiently Protected Credentials vulnerability in Citrix Xenmobile Server Insufficient protection of secrets in Citrix XenMobile Server 10.12 before RP3, Citrix XenMobile Server 10.11 before RP6, Citrix XenMobile Server 10.10 RP6 and Citrix XenMobile Server before 10.9 RP5 discloses credentials of a service account. network low complexity citrix CWE-522	5.0
2020-08-17	CVE-2020-8209	Path Traversal vulnerability in Citrix Xenmobile Server Improper access control in Citrix XenMobile Server 10.12 before RP2, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.10 before RP6 and Citrix XenMobile Server before 10.9 RP5 and leads to the ability to read arbitrary files. network low complexity citrix CWE-22	5.0
2020-08-17	CVE-2020-8208	Cross-site Scripting vulnerability in Citrix Xenmobile Server Improper input validation in Citrix XenMobile Server 10.12 before RP1, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.11 before RP6 and Citrix XenMobile Server before 10.9 RP5 allows Cross-Site Scripting (XSS). network citrix CWE-79	4.3
2019-06-05	CVE-2018-18571	Improper Authentication vulnerability in Citrix Xenmobile Server 10.8.0/10.9.0 An Incorrect Access Control vulnerability has been identified in Citrix XenMobile Server 10.8.0 before Rolling Patch 6 and 10.9.0 before Rolling Patch 3. network low complexity citrix CWE-287	6.4
2018-05-23	CVE-2018-10654	Deserialization of Untrusted Data vulnerability in Citrix Xenmobile Server 10.7/10.8 There is a Hazelcast Library Java Deserialization Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. network citrix CWE-502	6.8
2018-05-23	CVE-2018-10652	Information Exposure vulnerability in Citrix Xenmobile Server 10.7 There is a Sensitive Data Leakage issue in Citrix XenMobile Server 10.7 before RP3. network low complexity citrix CWE-200	5.0
2018-05-23	CVE-2018-10651	Open Redirect vulnerability in Citrix Xenmobile Server 10.7/10.8 There are Open Redirect Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. network citrix CWE-601	5.8
2018-05-23	CVE-2018-10650	Untrusted Search Path vulnerability in Citrix Xenmobile Server 10.7/10.8 There is an Insufficient Path Validation Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. network citrix CWE-426	6.8
2018-05-23	CVE-2018-10649	Cross-site Scripting vulnerability in Citrix Xenmobile Server 10.7 There is a Cross-Site Scripting Vulnerability in Citrix XenMobile Server 10.7 before RP3. network citrix CWE-79	4.3