CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

citrix

xenapp

4 known vulnerabilities · sorted by CVSS score

CVE-2020-8283

HIGH8.8

An authorised user on a Windows host running Citrix Universal Print Server can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9.

citrix / virtual_apps_and_desktops+13

Network

Published Dec 14, 2020

CVE-2020-8269

HIGH8.8

An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9

citrix / virtual_apps_and_desktops+13

Network

Published Nov 16, 2020

CVE-2021-22928

HIGH7.8

A vulnerability has been identified in Citrix Virtual Apps and Desktops that could, if exploited, allow a user of a Windows VDA that has either Citrix Profile Management or Citrix Profile Management WMI Plugin installed to escalate their privilege level on that Windows VDA to SYSTEM.

citrix / virtual_apps_and_desktops+8

Local

Published Aug 5, 2021

CVE-2020-13998

MEDIUM5.3

Citrix XenApp 6.5, when 2FA is enabled, allows a remote unauthenticated attacker to ascertain whether a user exists on the server, because the 2FA error page only occurs after a valid username is entered. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

citrix / xenapp

Network

Published Jun 11, 2020