CVE-2018-10650Untrusted Search Path in Citrix Xenmobile Server

CWE-426Untrusted Search Path4 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.2%
top 57.33%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Citrix Xenmobile ServerCitrix ADMCitrix Hypervisor+5 more
Timeline
PublishedMay 23
Latest updateMay 14

Description

There is an Insufficient Path Validation Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages8 packages

NVDcitrix/xenmobile_server10.7, 10.8+1

🔴Vulnerability Details

1
GHSA
GHSA-xrgp-qvwm-9p29: There is an Insufficient Path Validation Vulnerability in Citrix XenMobile Server 102022-05-14

📋Vendor Advisories

2
Citrix
CVE-2018-10650: There is an Insufficient Path Validation Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.2018-05-23
Citrix
Citrix Security Bulletin CTX234879