Citrix Xenapp
9 CVEs affecting Citrix Xenapp. Latest disclosed: 2021-08-05. Critical: 1, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-6493 | Critical | 9.8 | 2016-08-19 | Citrix XenApp 6.x before 6.5 HRP07 and 7.x before 7.9 and Citrix XenDesktop before 7.9 might allow attackers to weaken an unspecified security mitigation via v… |
CVE-2020-8283 | High | 8.8 | 2020-12-14 | An authorised user on a Windows host running Citrix Universal Print Server can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912… |
CVE-2020-8269 | High | 8.8 | 2020-11-16 | An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CT… |
CVE-2021-22928 | High | 7.8 | 2021-08-05 | A vulnerability has been identified in Citrix Virtual Apps and Desktops that could, if exploited, allow a user of a Windows VDA that has either Citrix Profile… |
CVE-2016-4810 | High | 7.5 | 2016-06-01 | Citrix Studio before 7.6.1000, Citrix XenDesktop 7.x before 7.6 LTSR Cumulative Update 1 (CU1), and Citrix XenApp 7.5 and 7.6 allow attackers to set Access Pol… |
CVE-2020-13998 | Medium | 5.3 | 2020-06-11 | Citrix XenApp 6.5, when 2FA is enabled, allows a remote unauthenticated attacker to ascertain whether a user exists on the server, because the 2FA error page o… |
CVE-2012-5161 | | 2012-12-26 | The XML Service interface in Citrix XenApp 6.5 and 6.5 Feature Pack 1 allows remote attackers to execute arbitrary code via unspecified vectors. | |
CVE-2009-2453 | | 2009-07-14 | Citrix XenApp (formerly Presentation Server) 4.5 Hotfix Rollup Pack 3 does not apply an access policy when it is defined with the Access Gateway Advanced Editi… | |
CVE-2008-4676 | | 2008-10-22 | Unspecified vulnerability in Citrix XenApp (formerly Presentation Server) 4.5 Feature Pack 1 and earlier, Presentation Server 4.0, and Access Essentials 1.0, 1… |