Improper Access Control Vulnerability in AppDNA
CTX253828 NewApplicable Products : Citrix Virtual Apps and DesktopsA vulnerability has been identified in AppDNA that could result in access controls not being enforced when accessing the web console potentially allowing privilege escalation and remote code execution.This vulnerability has been...
Citrix Hypervisor Security Update
CTX251995 NewApplicable Products : Citrix Hypervisor 8.0, XenServer 7.0, XenServer 7.1 LTSR Cumulative Update 2, XenServer 7.6A number of security issues have been identified in certain CPU hardware that may allow unprivileged code running on a CPU core to infer the value of...
Remote Code Execution Vulnerability in Citrix Workspace app and Receiver for Windows
CTX251986 NewApplicable Products : Citrix Workspace App, Receiver for WindowsA vulnerability has been identified in Citrix Workspace app and Receiver for Windows that could result in local drive access preferences not being enforced allowing an attacker read/write access to the clients...
Buffer Overflow Vulnerability in Citrix ADC and Citrix NetScaler Gateway
CTX249976 NewApplicable Products : Citrix ADC, NetScaler GatewayA buffer overflow vulnerability has been identified in Citrix ADC and Citrix NetScaler Gateway which could possibly result in a denial-of-service in a specific configuration.This vulnerability has been assigned the following CVE number:• CVE-
Citrix SD-WAN Security Update
CTX247735 NewApplicable Products : Citrix SD-WANAn information disclosure vulnerability has been identified in the Citrix SD-WAN Appliance. This vulnerability could allow an unauthenticated attacker to perform a man-in-the-middle attack against management traffic. The vulnerability has been assigned th
Authentication Bypass vulnerability in XenMobile Server
CTX247736 NewApplicable Products : XenMobile, XenMobile 10.8A vulnerability has been identified in Citrix XenMobile Server that could permit an attacker to impersonate and take actions on behalf of any Mobile Device Management (MDM) enrolled device. The vulnerability has been assigned the following...
Citrix SD-WAN Center Security Updates
CTX247737 UpdatedApplicable Products : Citrix SD-WANA command injection vulnerability has been identified in the management console of Citrix SD-WAN Center and NetScaler SD-WAN Center. This vulnerability could allow an unauthenticated attacker with access to the management console to compromise the...
Citrix Application Delivery Management (ADM) Agent Security Update
CTX247738 NewApplicable Products : Citrix Application Delivery ManagementA vulnerability has been identified in Citrix Application Delivery Management Agent that could allow an unauthenticated attacker with network access to the management agent interface to obtain sensitive information. Disclosed information could be...
Citrix XenServer Multiple Security Updates
CTX246572 NewApplicable Products : XenServer 7.0, XenServer 7.1 LTSR Cumulative Update 1, XenServer 7.1 LTSR Cumulative Update 2, XenServer 7.5, XenServer 7.6A number of security vulnerabilities have been identified in Citrix XenServer that, depending on configuration, may allow a malicious user of a PV...
TLS Padding Oracle Vulnerability in Citrix Application Delivery Controller (ADC) and NetScaler Gateway
CTX240139 NewApplicable Products : NetScaler 10.5, NetScaler 11.0, NetScaler 11.1, NetScaler 12.0, NetScaler 12.1, NetScaler Gateway 10.5, NetScaler Gateway 11.0, NetScaler Gateway 11.1, NetScaler Gateway 12.0A vulnerability has been identified in the Citrix Application Delivery Controller (ADC) formally known as NetScaler ADC and NetScaler Gateway platforms using hardware...
Citrix XenServer Security Update
CTX239432 NewApplicable Products : XenServer 7.0, XenServer 7.1 LTSR Cumulative Update 1, XenServer 7.5, XenServer 7.6A number of security vulnerabilities have been identified in Citrix XenServer that have deployment-dependent impacts.These issues affect the following supported versions of Citrix XenServer:Citrix XenServer 7.6 Citrix XenServer...
Citrix XenServer Security Update
CTX239100 NewApplicable Products : XenServer 7.1 LTSR Cumulative Update 1, XenServer 7.5, XenServer 7.6A security issue has been identified in Citrix XenServer that may allow a malicious administrator of an HVM guest VM to crash the host.This issue affects the following versions...
Cross-Site Scripting Vulnerability in Citrix NetScaler
CTX239002 NewApplicable Products : NetScaler 10.1, NetScaler 10.5, NetScaler 11.0, NetScaler 11.1, NetScaler 12.0, NetScaler 12.1A Cross-Site Scripting (XSS) vulnerability has been identified in Citrix NetScaler Gateway, formerly known as Citrix Access Gateway Enterprise Edition. This vulnerability could potentially be used to execute malicious client-side script...
Citrix ShareFile StorageZones Controller Multiple Security Updates
CTX238022 UpdatedApplicable Products : ShareFileTwo security issues have been identified within Citrix ShareFile StorageZones Controller that, if exploited, could allow a compromised or malicious ShareFile user to write arbitrary files as that Active Directory user to the local file system,...
XenServer Multiple Security Updates
CTX236548 NewApplicable Products : XenServer 7.0, XenServer 7.1 LTSR Cumulative Update 1, XenServer 7.4, XenServer 7.5Several security issues have been identified that impact XenServer. Customers should consider these issues and determine possible impact to their own systems. These updates provide a mitigation for recently...
How AI-enhanced malware poses a threat to your organization
Malware controlled by artificial intelligence could create more convincing spam, avoid security detection, and better adapt itself to each target, says a new report from Malwarebytes.
Tech news roundup: HPE Discover 2019, Facebook’s Libra cryptocurrency, and Google Cloud’s debacle
This week's TechRepublic and ZDNet news stories include a look at the companies that hire the most data scientists, four significant impacts of a security breach, and a first-hand account of a major hack job.
ACLU tells Ga. Supreme Court Fourth Amendment should apply to personal data stored by cars
Fourth Amendment protections should apply to personal data in a
car’s Event Data Recorder, the American Civil Liberties Union (ACLU) will argue
before the Georgia Supreme Court today.
The state’s high court is hearing oral arguments in Mobley v.
State, which challenges law...
Can Anything Protect Us From Deepfakes?
Along with fake news, forged videos have become a national security concern, especially as the 2020 presidential elections draw near. Researchers at the University of Surrey have developed a solution that might solve the problem.
How Hackers Emptied Church Coffers with a Simple Phishing Scam
Cyber thieves aren't bound by a code of ethics. They look for weak targets and high rewards, which is exactly what Saint Ambrose Catholic offered.
