CVE-2018-10651
published 2018-05-23CVE-2018-10651: There are Open Redirect Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.
PriorityP423medium6.1CVSS 3.0
AVNACLPRNUIRSCCLILAN
EPSS
0.73%
49.4th percentile
There are Open Redirect Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citrix | citrix_adm | — | — |
| citrix | citrix_hypervisor | — | — |
| citrix | citrix_virtual_apps_and_desktops | — | — |
| citrix | endpoint_management | — | — |
| citrix | netscaler_adc | — | — |
| citrix | netscaler_gateway | — | — |
| citrix | xenmobile_server | — | — |
| citrix | xenmobile_server | — | — |
| citrix | xenserver | — | — |
CVSS provenance
nvdv3.06.1MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvdv2.05.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ivanti
Ivanti Security Advisory: CVE-2019-10651
vendor_ivanti·2019-07-11·CVSS 9.8
CVE-2019-10651 [CRITICAL] Ivanti Security Advisory: CVE-2019-10651
Ivanti Security Advisory: CVE-2019-10651
An issue was discovered in the Core Server in Ivanti Endpoint Manager (EPM) 2017.3 before SU7 and 2018.x before 2018.3 SU3, with remote code execution. In other words, the issue affects 2017.3, 2018.1, and 2018.3 installations that lack the April 2019 update.
CVE IDs: CVE-2019-10651
CVSS Base Score: 9.8
Severity: CRITICAL
Citrix
CVE-2018-10651: There are Open Redirect Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.
vendor_citrix·2018-05-23·CVSS 6.1
CVE-2018-10651 [MEDIUM] CWE-601 CVE-2018-10651: There are Open Redirect Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.
CVE-2018-10651: There are Open Redirect Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.
Citrix
Citrix Security Bulletin CTX234879
vendor_citrix·CVSS 9.8
CVE-2018-10648 [CRITICAL] Citrix Security Bulletin CTX234879
Citrix Security Bulletin CTX234879
CVE References: CVE-2018-10648, CVE-2018-10649, CVE-2018-10650, CVE-2018-10651, CVE-2018-10652, CVE-2018-10653, CVE-2018-10654, CVE-2025-12101, CVE-2025-62626, CVE-2026-23554, CVE-2026-3055, CVE-2026-4368, CVE-2026-4397
Affected Products: Citrix ADM, Citrix Hypervisor, Citrix Virtual Apps and Desktops, Endpoint Management, NetScaler ADC, NetScaler Gateway, XenServer
GHSA
GHSA-rrj2-3phw-cvjj: There are Open Redirect Vulnerabilities in Citrix XenMobile Server 10
ghsa_unreviewed·2022-05-14
CVE-2018-10651 [MEDIUM] CWE-601 GHSA-rrj2-3phw-cvjj: There are Open Redirect Vulnerabilities in Citrix XenMobile Server 10
There are Open Redirect Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2018-05-23
Published