Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Xenmobile_server
(Citrix)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 21 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-05-23 | CVE-2018-10653 | There is an XML External Entity (XXE) Processing Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. | Xenmobile_server | 9.8 | ||
| 2019-06-05 | CVE-2018-18571 | An Incorrect Access Control vulnerability has been identified in Citrix XenMobile Server 10.8.0 before Rolling Patch 6 and 10.9.0 before Rolling Patch 3. An attacker can impersonate and take actions on behalf of any Mobile Application Management (MAM) enrolled device. | Xenmobile_server | N/A | ||
| 2018-05-23 | CVE-2018-10654 | There is a Hazelcast Library Java Deserialization Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. | Xenmobile_server | 8.1 | ||
| 2018-05-23 | CVE-2018-10652 | There is a Sensitive Data Leakage issue in Citrix XenMobile Server 10.7 before RP3. | Xenmobile_server | 7.5 | ||
| 2018-05-23 | CVE-2018-10651 | There are Open Redirect Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. | Xenmobile_server | 6.1 | ||
| 2018-05-23 | CVE-2018-10650 | There is an Insufficient Path Validation Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. | Xenmobile_server | 7.8 | ||
| 2018-05-23 | CVE-2018-10649 | There is a Cross-Site Scripting Vulnerability in Citrix XenMobile Server 10.7 before RP3. | Xenmobile_server | 6.1 | ||
| 2018-05-23 | CVE-2018-10648 | There are Unauthenticated File Upload Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. | Xenmobile_server | 9.8 | ||
| 2017-06-16 | CVE-2017-9231 | XML external entity (XXE) vulnerability in Citrix XenMobile Server 9.x and 10.x before 10.5 RP3 allows attackers to obtain sensitive information via unspecified vectors. | Xenmobile_server | 7.5 | ||
| 2016-04-07 | CVE-2016-2789 | Cross-site scripting (XSS) vulnerability in the Web User Interface in Citrix XenMobile Server 10.0, 10.1 before Rolling Patch 4, and 10.3 before Rolling Patch 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | Xenmobile_server | 6.1 |