CVE-2021-22932
published 2021-08-16CVE-2021-22932: An issue has been identified in the CTX269106 mitigation tool for Citrix ShareFile storage zones controller which causes the ShareFile file encryption option…
PriorityP337high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
0.41%
32.8th percentile
An issue has been identified in the CTX269106 mitigation tool for Citrix ShareFile storage zones controller which causes the ShareFile file encryption option to become disabled if it had previously been enabled. Customers are only affected by this issue if they previously selected “Enable Encryption” in the ShareFile configuration page and did not re-select this setting after running the CTX269106 mitigation tool. ShareFile customers who have not run the CTX269106 mitigation tool or who re-selected “Enable Encryption” immediately after running the tool are unaffected by this issue.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citrix | citrix_adm | — | — |
| citrix | citrix_hypervisor | — | — |
| citrix | citrix_virtual_apps_and_desktops | — | — |
| citrix | endpoint_management | — | — |
| citrix | netscaler_adc | — | — |
| citrix | netscaler_gateway | — | — |
| citrix | sharefile | — | — |
| citrix | sharefile_storagezones_controller | < 5.11.19 | 5.11.19 |
| citrix | xenserver | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Citrix
CVE-2021-22932: An issue has been identified in the CTX269106 mitigation tool for Citrix ShareFile storage zones controller which causes the ShareFile file encryption
vendor_citrix·2021-08-16·CVSS 7.5
CVE-2021-22932 [HIGH] CWE-311 CVE-2021-22932: An issue has been identified in the CTX269106 mitigation tool for Citrix ShareFile storage zones controller which causes the ShareFile file encryption
CVE-2021-22932: An issue has been identified in the CTX269106 mitigation tool for Citrix ShareFile storage zones controller which causes the ShareFile file encryption option to become disabled if it had previously been enabled. Customers are only affected by this issue if they previously selected “Enable Encryption” in the ShareFile configuration page and did not re-select this setting after running the CTX269106 mitigation tool. ShareFile customers who have not run the CTX269106 mitigation tool or who re-selected “Enable Encryption” immediately after running the tool are unaffected by this issue.
Citrix
Citrix Security Bulletin CTX322787
vendor_citrix·CVSS 7.5
CVE-2021-22932 [HIGH] Citrix Security Bulletin CTX322787
Citrix Security Bulletin CTX322787
CVE References: CVE-2021-22932, CVE-2025-12101, CVE-2025-62626, CVE-2026-23554, CVE-2026-3055, CVE-2026-4368, CVE-2026-4397
Affected Products: Citrix ADM, Citrix Hypervisor, Citrix Virtual Apps and Desktops, Endpoint Management, NetScaler ADC, NetScaler Gateway, XenServer
GHSA
GHSA-72xq-94wh-w6jc: An issue has been identified in the CTX269106 mitigation tool for Citrix ShareFile storage zones controller which causes the ShareFile file encryption
ghsa_unreviewed·2022-05-24
CVE-2021-22932 [HIGH] CWE-311 GHSA-72xq-94wh-w6jc: An issue has been identified in the CTX269106 mitigation tool for Citrix ShareFile storage zones controller which causes the ShareFile file encryption
An issue has been identified in the CTX269106 mitigation tool for Citrix ShareFile storage zones controller which causes the ShareFile file encryption option to become disabled if it had previously been enabled. Customers are only affected by this issue if they previously selected “Enable Encryption” in the ShareFile configuration page and did not re-select this setting after running the CTX269106 mitigation tool. ShareFile customers who have not run the CTX269106 mitigation tool or who re-selected “Enable Encryption” immediately after running the tool are unaffected by this issue.
No detection rules found.
No public exploits indexed.
Wiz
CVE-2026-2701 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.5
CVE-2026-2701 [HIGH] CVE-2026-2701 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-2701 :
Citrix ShareFile StorageZones Controller vulnerability analysis and mitigation
Authenticated user can upload a malicious file to the server and execute it, which leads to remote code execution.
Source : NVD
## 9.1
Score
Published April 2, 2026
Severity CRITICAL
CNA Score 9.1
Affected Technologies
Citrix ShareFile StorageZones Controller
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 40.8
Exploitation Probability (EPSS) 0.2
Affected packages and libraries
cpe:2.3:a:citrix:sharefile_storagezones_controller
Sources
Windows Has Fix Added at: Apr 05, 2026
## Get a CVE risk assessment
Get a prioritized view of CVEs in your cloud—so you can focus on what's exploi
Wiz
CVE-2026-2699 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.5
CVE-2026-2699 [HIGH] CVE-2026-2699 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-2699 :
Citrix ShareFile StorageZones Controller vulnerability analysis and mitigation
Customer Managed ShareFile Storage Zones Controller (SZC) allows an unauthenticated attacker to access restricted configuration pages. This leads to changing system configuration and potential remote code execution.
Source : NVD
## 9.8
Score
Published April 2, 2026
Severity CRITICAL
CNA Score 9.8
Affected Technologies
Citrix ShareFile StorageZones Controller
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 61.3
Exploitation Probability (EPSS) 0.4
Affected packages and libraries
cpe:2.3:a:citrix:sharefile_storagezones_controller
Sources
Windows Has Fix Added at: Apr 05, 2026
## Get a
2021-08-16
Published