CVE-2020-8253

Improper authentication in Citrix XenMobile Server 10.12 before RP2, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.10 before RP6 and Citrix XenMobile Server before 10.9 RP5 leads to the ability to access sensitive files.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
hackeroneCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 51%
VendorProductVersion
citrixxenmobile_server
𝑥
≤ 10.8.0
citrixxenmobile_server
10.9.0
citrixxenmobile_server
10.9.0:rolling_patch1
citrixxenmobile_server
10.9.0:rolling_patch2
citrixxenmobile_server
10.9.0:rolling_patch3
citrixxenmobile_server
10.9.0:rolling_patch4
citrixxenmobile_server
10.10.0
citrixxenmobile_server
10.10.0:rolling_patch1
citrixxenmobile_server
10.10.0:rolling_patch2
citrixxenmobile_server
10.10.0:rolling_patch3
citrixxenmobile_server
10.10.0:rolling_patch4
citrixxenmobile_server
10.10.0:rolling_patch5
citrixxenmobile_server
10.11.0
citrixxenmobile_server
10.11.0:rolling_patch1
citrixxenmobile_server
10.11.0:rolling_patch2
citrixxenmobile_server
10.11.0:rolling_patch3
citrixxenmobile_server
10.12.0
citrixxenmobile_server
10.12.0:rolling_patch1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.citrix.com/article/CTX277457
https://support.citrix.com/article/CTX277457