Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
citrixCitrixCTX220138
HistoryJun 07, 2017 - 4:00 a.m.

CVE-2017-9231 - XML External Entity (XXE) Processing Vulnerability in Citrix XenMobile Server 10.x and 9.x

2017-06-0704:00:00
support.citrix.com
16

0.001 Low

EPSS

Percentile

47.8%

JSON

<section>
<div><div>
<div>

<h2> Description of Problem</h2>

<div>
<div>
<div>
<p>An XML External Entity (XXE) processing vulnerability has been identified in Citrix XenMobile Server that could allow an unauthenticated attacker to retrieve potentially sensitive information from the server.</p>
<p>This vulnerability has been assigned the following CVE number:</p>
<ul>
<li>CVE-2017-9231: XML External Entity (XXE) Processing Vulnerability in Citrix XenMobile Server.</li>
</ul>
<p>This vulnerability affects the following Citrix XenMobile Server versions:</p>
<ul>
<li>Citrix XenMobile Server 10.x earlier than 10.5 RP3</li>
</ul>
<p>All versions of Citrix XenMobile App Controller 9.x</p>
</div>
</div>
</div>

<hr />
</div>
<div>

<h2> What Customers Should Do</h2>

<div>
<div>
<div>
<p>This vulnerability has been addressed in Citrix XenMobile Server version 10.5 RP3 and later. </p>
<p>Citrix strongly recommends that customers upgrade their Citrix XenMobile Server deployments to this version or later. This upgrade can be obtained from the following location:</p>
<p> <a href=“https://support.citrix.com/article/CTX224467”>https://support.citrix.com/article/CTX224467</a></p>
</div>
</div>
</div>

<hr />
</div>
<div>

<h2> What Citrix Is Doing</h2>

<div>
<div>
<div>
<div>
<div>
<p>Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at <u> <a href=“http://support.citrix.com/”>http://support.citrix.com/</a></u>.</p>
</div>
</div>
</div>
</div>
</div>

<hr />
</div>
<div>

<h2> Obtaining Support on This Issue</h2>

<div>
<div>
<div>
<div>
<div>
<p>If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at <u> <a href=“https://www.citrix.com/support/open-a-support-case.html”>https://www.citrix.com/support/open-a-support-case.html</a></u>. </p>
</div>
</div>
</div>
</div>
</div>

<hr />
</div>
<div>

<h2> Reporting Security Vulnerabilities</h2>

<div>
<div>
<div>
<div>
<div>
<p>Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For guidance on how to report security-related issues to Citrix, please see the following document: CTX081743 – <a href=“http://support.citrix.com/article/CTX081743”>Reporting Security Issues to Citrix</a></p>
</div>
</div>
</div>
</div>
</div>

<hr />
</div>
<div>

<h2> Changelog</h2>

<div>
<div>
<div>
<table border=“1” width=“100%”>
<tbody>
<tr>
<td>Date </td>
<td>Change</td>
</tr>
<tr>
<td>7th June 2017</td>
<td>Initial publishing</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>

<hr />
</div>
</div></div>
</section>

Related

cvelist 1
cve 1
openvas 1
nvd 1
prion 1
cvelist
cvelist
CVE-2017-9231
2017-06-16 22:00:00
cve
cve
CVE-2017-9231
2017-06-16 22:29:00
openvas
openvas
Citrix XenMobile XXE Vulnerability (CTX220138)
2017-06-20 00:00:00
nvd
nvd
CVE-2017-9231
2017-06-16 22:29:00
prion
prion
Xxe
2017-06-16 22:29:00

0.001 Low

EPSS

Percentile

47.8%

JSON
Related for CTX220138
cvelist1cve1openvas1nvd1prion1