Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
citrixCitrixCTX140303
HistoryFeb 18, 2014 - 4:00 a.m.

CVE-2014-1910 - SSL Certificate Validation Vulnerability in the Citrix ShareFile Mobile Application for Android and the Citrix ShareFile Mobile for Tablets Application for Android

2014-02-1804:00:00
support.citrix.com
11

EPSS

0.001

Percentile

34.6%

JSON

Description of Problem

A vulnerability has been identified in the Citrix ShareFile Mobile application for Android and the Citrix ShareFile Mobile for Tablets application for Android that could result in SSL certificates being incorrectly validated.

This vulnerability has been assigned the following CVE number:

ā€¢ CVE-2014-1910: SSL Certificate Validation Vulnerability in the Citrix ShareFile Mobile Application for Android and the Citrix ShareFile Mobile for Tablets Application for Android.

This vulnerability affects all versions of the Citrix ShareFile Mobile application for Android and the Citrix ShareFile Mobile for Tablets application for Android earlier than version 2.4.4.

What Customers Should Do

New versions of the Citrix ShareFile Mobile application for Android and the Citrix ShareFile Mobile for Tablets application for Android have been released. Citrix recommends that customers upgrade their ShareFile Mobile and ShareFile Mobile for Tablets to version 2.4.4 or later.

These versions are available from the Google Play store at the following locations:

ShareFile Mobile: _ <https://play.google.com/store/apps/details?id=com.sharefile.mobile&gt;_

ShareFile Mobile for Tablets: _ <https://play.google.com/store/apps/details?id=com.sharefile.mobile.tablet&gt;_

Acknowledgements

Citrix thanks Alexandru Gherman of FortConsult (_ <http://fortconsult.net/&gt;) for working with us to protect Citrix customers._

What Citrix Is Doing

Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at _ <http://support.citrix.com/&gt;_ .

Obtaining Support on This Issue

If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at _ <http://www.citrix.com/site/ss/supportContacts.asp&gt;_ .

Reporting Security Vulnerabilities to Citrix

Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. If you would like to report a security issue to Citrix, please compose an e-mail to [email protected] stating the exact version of the product in which the vulnerability was found and the steps needed to reproduce the vulnerability.

Related

cve 1
prion 1
cvelist 1
nvd 1
cve
cve
CVE-2014-1910
2014-02-21 15:30:16
prion
prion
Information disclosure
2014-02-21 15:30:00
cvelist
cvelist
CVE-2014-1910
2014-02-21 15:00:00
nvd
nvd
CVE-2014-1910
2014-02-21 15:30:16

EPSS

0.001

Percentile

34.6%

JSON
Related for CTX140303
cve1prion1cvelist1nvd1