CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2013-2936
https://notcve.org/view.php?id=CVE-2013-2936
12 Sep 2013 — Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162. Vulnerabilidad no especificada en Citrix CloudPortal Services Manager (Cortex) 10.0 anterior a la actualización Cumulative Update 3 tiene impacto y vectores de ataque desconocidos. Vulnerabilidad distinta a los CVEs listados en CTX137162. • http://support.citrix.com/article/CTX137162 •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2013-2935
https://notcve.org/view.php?id=CVE-2013-2935
12 Sep 2013 — Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162. Vulnerabilidad no especificada en Citrix CloudPortal Services Manager (Cortex) 10.0 anterior a la actualización Cumulative Update 3 tiene impacto y vectores de ataque desconocidos. Vulnerabilidad distinta a los CVEs listados en CTX137162. • http://support.citrix.com/article/CTX137162 •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2013-2939
https://notcve.org/view.php?id=CVE-2013-2939
12 Sep 2013 — Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162. Vulnerabilidad sin especificar en Citrix CloudPortal Services Manager (aka Cortex) 10.0 anterior a la actualización acumulativa número 3 tiene un impacto y vectores de ataque desconocidos, una vulnerabilidad diferente a otros CVEs listados en CTX137162. • http://support.citrix.com/article/CTX137162 •
CVSS: 9.1EPSS: 0%CPEs: 8EXPL: 0CVE-2013-2767
https://notcve.org/view.php?id=CVE-2013-2767
25 Apr 2013 — Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors. Vulnerabilidad no especificada en Citrix NetScaler Access Gateway Enterprise Edition (AGEE) antes de v9.3.62.4 y v10.x hasta v10.0.74.4 y NetScaler AGEE Common Criteria antes de v9.3.53.6, permite a atacantes remotos evitar las re... • http://support.citrix.com/article/ctx137238 •
CVSS: 9.1EPSS: 2%CPEs: 8EXPL: 0CVE-2013-2758 – Apache CloudStack 4.0.1 Authentication Bypass / Cryptography
https://notcve.org/view.php?id=CVE-2013-2758
25 Apr 2013 — Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C uses a hash of a predictable sequence, which makes it easier for remote attackers to guess the console access URL via a brute force attack. Apache CloudStack 4.0.0 anterior a 4.0.2 y Citrix CloudPlatform (anteriormente Citrix CloudStack) 3.0.x anterior a 3.0.6 Patch C utiliza un hash de una secuencia previsible, lo que facilita a atacantes remotos adivinar la URL de acceso de consola a travé... • http://mail-archives.apache.org/mod_mbox/cloudstack-dev/201304.mbox/%3C51786984.1060300%40stratosec.co%3E • CWE-310: Cryptographic Issues •
CVSS: 9.1EPSS: 3%CPEs: 8EXPL: 0CVE-2013-2756 – Apache CloudStack 4.0.1 Authentication Bypass / Cryptography
https://notcve.org/view.php?id=CVE-2013-2756
25 Apr 2013 — Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C allows remote attackers to bypass the console proxy authentication by leveraging knowledge of the source code. Apache CloudStack 4.0.0 anterior a 4.0.2 y Citrix CloudPlatform (anteriormente Citrix CloudStack) 3.0.x anterior a 3.0.6 Patch C permite a atacantes remotos evadir la autenticación de proxy de consola mediante el conocimiento del código fuente. The CloudStack PMC was notified of two... • http://mail-archives.apache.org/mod_mbox/cloudstack-dev/201304.mbox/%3C51786984.1060300%40stratosec.co%3E • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2013-2263
https://notcve.org/view.php?id=CVE-2013-2263
19 Mar 2013 — Unspecified vulnerability in Citrix Access Gateway Standard Edition 5.0.x before 5.0.4.223524 allows remote attackers to access network resources via unknown attack vectors. Vulnerabilidad sin especificar en Citrix Access Gateway Standard Edition v5.0.x anterior a 5.0.4.223524, permite a atacantes remotos acceder a los recursos de red a través de vectores de ataque desconocidos. • http://osvdb.org/90905 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2012-5616 – Apache CloudStack 4.0.0-incubating Information Disclosure
https://notcve.org/view.php?id=CVE-2012-5616
12 Jan 2013 — Apache CloudStack 4.0.0-incubating and Citrix CloudPlatform (formerly Citrix CloudStack) before 3.0.6 stores sensitive information in the log4j.conf log file, which allows local users to obtain (1) the SSH private key as recorded by the createSSHKeyPair API, (2) the password of an added host as recorded by the AddHost API, or the password of an added VM as recorded by the (3) DeployVM or (4) ResetPasswordForVM API. CloudStack Apache v4.0.0-incubación y Citrix CloudPlatform (anteriormente Citrix CloudStack )... • http://mail-archives.apache.org/mod_mbox/incubator-cloudstack-users/201301.mbox/%3C1BD2169F-BBFE-4E27-B50F-F17D7D08B565%40stratosec.co%3E • CWE-255: Credentials Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2012-6314
https://notcve.org/view.php?id=CVE-2012-6314
26 Dec 2012 — Citrix XenDesktop Virtual Desktop Agent (VDA) 5.6.x before 5.6.200, when making changes to the server-side policy that control USB redirection, does not propagate changes to the VDA, which allows authenticated users to retain access to the USB device. Citrix XenDesktop Virtual Desktop Agent (VDA) v5.6.x antes de v5.6.200, al realizar cambios en la política de control de redirección USB en el lado del servidor, no propaga los cambios a la VDA, lo que permite mantener el acceso al dispositivo USB a los usuari... • http://osvdb.org/88369 •
CVSS: 9.8EPSS: 7%CPEs: 2EXPL: 0CVE-2012-5161
https://notcve.org/view.php?id=CVE-2012-5161
26 Dec 2012 — The XML Service interface in Citrix XenApp 6.5 and 6.5 Feature Pack 1 allows remote attackers to execute arbitrary code via unspecified vectors. La interfaz del servicio XML de Citrix XenApp v6.5 y Feature Pack 1 v6.5 permite a atacantes remotos ejecutar código de su elección a través de vectores no especificados. • http://osvdb.org/88368 •