CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2014-1663
https://notcve.org/view.php?id=CVE-2014-1663
Unspecified vulnerability in Citrix XenMobile Device Manager server (formerly Zenprise Device Manager server) 8.5, 8.6, and MDM 8.0.1 allows remote attackers to obtain sensitive information via unknown vectors. Vulnerabilidad no especificada en el servidor Citrix XenMobile Device Manager (antiguamente servidor Zenprise Device Manager) 8.5, 8.6 y MDM 8.0.1 permite a atacantes remotos obtener información sensible a través de vectores desconocidos. • http://osvdb.org/102884 http://secunia.com/advisories/56438 http://support.citrix.com/article/CTX140044 http://www.securityfocus.com/bid/65348 http://www.securitytracker.com/id/1029728 https://exchange.xforce.ibmcloud.com/vulnerabilities/90959 •
CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 2CVE-2014-1664 – GoToMeeting for Android - Multiple Local Information Disclosure Vulnerabilities
https://notcve.org/view.php?id=CVE-2014-1664
The Citrix GoToMeeting application 5.0.799.1238 for Android logs HTTP requests containing sensitive information, which allows attackers to obtain user IDs, meeting details, and authentication tokens via an application that reads the system log file. La aplicación Citrix GoToMeeting v5.0.799.1238 para Android registra las peticiones HTTP que contienen información sensible, lo que permite a atacantes remotos obtener IDs de usuario, detalles de las reuniones, y tokens de autenticación a través de una aplicación que lea el fichero de registro del sistema. GoToMeeting Android application (com.citrixonline.android.gotomeeting-1.apk) version 5.0.799.1238 is vulnerable to information disclosure via logging output, resulting in the leak of userID, meeting details, and authentication tokens. Android applications with permissions to read system log files may obtain the leaked information. • https://www.exploit-db.com/exploits/39061 http://osvdb.org/102559 http://www.securityfocus.com/archive/1/530879/100/0/threaded http://www.securityfocus.com/bid/65123 https://exchange.xforce.ibmcloud.com/vulnerabilities/90695 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6077
https://notcve.org/view.php?id=CVE-2013-6077
Citrix XenDesktop 7.0, when upgraded from XenDesktop 5.x, does not properly enforce policy rule permissions, which allows remote attackers to bypass intended restrictions. Citrix XenDesktop 7.0, cuando se actualiza desde XenDesktop 5.x, no se hacen cumplir adecuadamente los permisos de la política de reglas, lo que permite a atacantes remotos evitar las restricciones previstas. • http://osvdb.org/98890 http://support.citrix.com/article/CTX138627 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2013-6011
https://notcve.org/view.php?id=CVE-2013-6011
Citrix NetScaler Application Delivery Controller (ADC) 10.0 before 10.0-76.7 allows remote attackers to cause a denial of service (nsconfigd crash and appliance reboot) via a crafted request. Citrix NetScaler Application Delivery Controller (ADC) 10.0 anterior a la versión 10.0-76.7 permite a atacantes remotos provocar una denegación de servicio (cuelgue de nsconfigd y reinicio del dispositivo) a través de una petición diseñada. • http://archives.neohapsis.com/archives/bugtraq/2013-10/0016.html http://support.citrix.com/article/ctx139017 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2013-2937
https://notcve.org/view.php?id=CVE-2013-2937
Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, related to debugging messages, a different vulnerability than other CVEs listed in CTX137162. Vulnerabilidad no especificada en Citrix CloudPortal Services Manager (Cortex) 10.0 anterior a la actualización Cumulative Update 3 tiene impacto y vectores de ataque desconocidos, relacionados con mensajes de depuración Vulnerabilidad distinta a los CVEs listados en CTX137162. • http://support.citrix.com/article/CTX137162 •