CVE-2021-22932 — Missing Encryption of Sensitive Data in Citrix Sharefile Storagezones Controller

CWE-311 — Missing Encryption of Sensitive Data6 documents4 sources

Severity

7.5HIGHNVD

EPSS

0.1%

top 76.12%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Citrix Sharefile Storagezones Controller Citrix ADM Citrix Hypervisor +6 more

Timeline

PublishedAug 16

Latest updateMay 24

Description

An issue has been identified in the CTX269106 mitigation tool for Citrix ShareFile storage zones controller which causes the ShareFile file encryption option to become disabled if it had previously been enabled. Customers are only affected by this issue if they previously selected “Enable Encryption” in the ShareFile configuration page and did not re-select this setting after running the CTX269106 mitigation tool. ShareFile customers who have not run the CTX269106 mitigation tool or who re-selec…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages9 packages

▶NVDcitrix/sharefile_storagezones_controller< 5.11.19

▶citrixcitrix/sharefile

▶citrixcitrix/xenserver

▶citrixcitrix/citrix_adm

▶citrixcitrix/netscaler_adc

🔴Vulnerability Details

GHSA

GHSA-72xq-94wh-w6jc: An issue has been identified in the CTX269106 mitigation tool for Citrix ShareFile storage zones controller which causes the ShareFile file encryption↗2022-05-24

▶

📋Vendor Advisories

Citrix

CVE-2021-22932: An issue has been identified in the CTX269106 mitigation tool for Citrix ShareFile storage zones controller which causes the ShareFile file encryption↗2021-08-16

▶

Citrix

Citrix Security Bulletin CTX322787↗

▶

🕵️Threat Intelligence

Wiz

CVE-2026-2701 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2026-2699 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶