5310 matches found
Updating MCS catalog fails with error FailedToUnregisterMasterImageFromMdm
Error updating an MCS catalog in Citrix DAAS Action Name: MCCreateMachineCatalogInitialzation Exception: StudioErrorId : ProvisioningTaskError ErrorCategory : NotSpecified TaskState : FailedToUnregisterMasterImageFromMdm TaskStateInformation : Terminated ErrorId :...
Impact of Chromium vulnerabilities CVE-2023-4863 and CVE-2023-5217 on Cloud Software Group products
Cloud Software Group will continue to update this post as additional information becomes available. Summary Google Chromium Heap-Based Buffer Overflow Vulnerability Cloud Software Group is aware of the vulnerabilities CVE-2023-4863 and CVE-2023-5217 that impact Chromium. CVE-2023-4863 description...
Citrix SD-WAN Security Bulletin for CVE-2022-27505 and CVE-2022-27506
Vulnerabilities have been discovered in multiple Citrix SD-WAN products. These vulnerabilities, if exploited, could result in the following security issues: CVE-ID| Description| CWE| Affected Products| Pre-conditions ---|---|---|---|--- CVE-2022-27505| Reflected cross site scriptingXSS| CWE-79:...
Citrix Gateway Plug-in for Windows Security Update
Description of Problem Vulnerabilities have been identified in Citrix Gateway Plug-in for Windows that, if exploited, could result in a local user escalating their privilege level to SYSTEM. The vulnerabilities have the following identifiers: CVE-2020-8257 CVE-2020-8258 These vulnerabilities affe...
Citrix Hypervisor Security Update
A security issue has been identified in Citrix Hypervisor 7.1 LTSR CU2 that may allow privileged code in a PV guest VM to compromise the host. Citrix believes that there would be significant complexity in performing this attack in Citrix Hypervisor. The issue has the following CVE identifier:...
Citrix Application Delivery Management Security Bulletin for CVE-2022-27511 and CVE-2022-27512
Vulnerabilities have been discovered in Citrix Application Delivery Management Citrix ADM that, if exploited, could result in the following security issues: Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the ne...
Citrix Workspace app for Windows Security Bulletin for CVE-2023-24484 & CVE-2023-24485
Vulnerabilities have been identified that, collectively, allow a standard Windows user to perform operations as SYSTEM on the computer running Citrix Workspace app. These vulnerabilities have the following identifiers: CVE ID| Description| Vulnerability Type| Pre-conditions ---|---|---|---...
ShareFile StorageZones Controller Security Update for CVE-2023-24489
A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller. This vulnerability affects all currently supported versions o...
Citrix Licensing: Studio unable to connect to Licensing server - Untrusted server
1. Unable to connect to Citrix Licensing server from Studio getting "Untrusted server". 2. Getting "An error occurred while retrieving the certificate for the license server at this address". 3. Error Id: XDDS:BD69C800 DesktopStudioErrorId : UnknownError ErrorCategory : ResourceUnavailable...
Citrix Hypervisor Security Update
Description of Problem A security issue has been identified in certain CPU hardware that may allow unprivileged code running on a CPU core to infer the value of memory data belonging to other processes, virtual machines or the hypervisor that are, or have recently been, running on the same CPU...
CVE-2015-4000 - Citrix Security Advisory for DHE_EXPORT TLS Vulnerability
Overview A TLS protocol vulnerability has been recently disclosed that could result in attackers being able to intercept and modify SSL/TLS encrypted traffic to servers that support Diffie-Hellman based export cipher suites. This vulnerability is known as 'LogJam' and has been assigned the...
Cloud Software Group Security Advisory for CVE-2024-6387
Advisory for 3rd party CVE-2024-6387 Cloud Software Group is aware of the vulnerability CVE-2024-6387 impacting OpenSSH. Qualys has discovered a remote unauthenticated code execution vulnerability in OpenSSH’s server sshd in glibc-based Linux systems. Because this vulnerability is a regression of...
Citrix Hypervisor Security Update
Description of Problem Several security issues have been identified that, collectively, may allow privileged code running in a guest VM to cause the host to crash or to become unresponsive. These issues have the following CVE identifiers: CVE ID| Description| Vulnerability Type| Pre-conditions...
Windows and Linux Virtual Delivery Agent for CVAD and Citrix DaaS Security Bulletin CVE-2023-24490
A vulnerability has been identified that impacts Virtual Delivery Agents for Windows or Linux used by Citrix Virtual Apps and Desktops and Citrix DaaS. The vulnerability affects the following supported versions of Windows Virtual Delivery Agent: Current Release CR Citrix Virtual Apps and Desktops...
Graphical Issues with Citrix Workspace App 2503 and Intel GPUs
Customers using the Citrix Workspace App for Windows version 2503 or later on Windows endpoint devices, like the Microsoft Surface Pro laptops equipped with specific Intel GPUs using older Intel drivers, may encounter graphical anomalies. These issues can manifest as visual artefacts or black box...
Citrix Workspace app for Mac Security Bulletin for CVE-2024-5027
A vulnerability has been discovered in Citrix Workspace app for Mac, which, if exploited, may result in elevation of privilege from a local authenticated user to a root user. Affected Versions: The following supported versions of Citrix Workspace app for Mac are affected by the vulnerability:...
Citrix Hypervisor Security Update
Description of Problem An issue has been discovered in Citrix Hypervisor that, if exploited, could potentially allow an attacker on the management network to enumerate valid administrative account usernames. Note that this attack does not disclose the corresponding passwords and does grant not...
Citrix Workspace app for Linux Security Bulletin for CVE-2023-24486
A vulnerability has been identified in Citrix Workspace app for Linux that, if exploited, may result in a malicious local user being able to gain access to the Citrix Virtual Apps and Desktops session of another user who is using the same computer from which the ICA session is launched. CVE ID|...
Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance Security Update
Description of Problem Multiple vulnerabilities have been discovered in Citrix ADCformerly known as NetScaler ADC, Citrix Gatewayformerly known as NetScaler Gatewayand Citrix SD-WAN WANOP appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities,if exploited,could result ina...
Citrix License server unavailable on Studio with Error: XDDS:796F2703
The license server is marked as unavailable on Studio even though the license server is up and running The error received when trying to connect to the license server is as follows, An error occurred while retrieving the certificate for the license server at this address. Further error details ar...
Citrix XenServer Multiple Security Updates
Description of Problem A number of security vulnerabilities have been identified in Citrix XenServer that may allow a malicious administrator of an HVM guest VM to compromise the host. These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix...
Citrix XenServer Multiple Security Updates
Important Note Due to concerns about the robustness of some of the Intel microcode updates included in the earlier hotfixes for these issues XS71ECU1009, XS72E013 and XS73E001, Citrix has superseded these hotfixes with new hotfixes listed below. Customers are strongly recommended to apply these n...
Your corporate Citrix environment is currently unsupported alert shown even no expired license files
The alert "Citrix Virtual Apps and Desktops Warning: Your corporate Citrix environment is currently unsupported. Please contact your IT department to resolve." is shown when starting the session. No expired license file is stored on the license server...
Citrix Hypervisor Security Update
Several security issues have been identified in Citrix Hypervisor, that may each allow privileged code in a guest VM to cause the host to crash or become unresponsive. These issues have the following identifiers: CVE-2021-28704 CVE-2021-28705 CVE-2021-28714 CVE-2021-28715 All of these issues affe...
Citrix Hypervisor Security Update
Description of Problem Several security issues have been identified in Citrix Hypervisor formerly Citrix XenServer that may allow: unprivileged code in a PV guest VM to compromise that PV guest VM privileged code in a guest VM to cause the host to crash or become unresponsive privileged code in a...
Error: TDICA 1005/1007 and Sessions Disconnected/ Not Responding
Usersessions freezing / disconnecting. Network and performance has been checked and no issues found. However, TDICA 1005/1007 events are seen in the logs at the same time the error occurred. This might be a problem with flaky network connections between the ICA clients and the VDA servers Session...
Citrix Hypervisor Security Update
A security issue has been identified that affects Citrix Hypervisor. This issue may allow privileged code in a guest VM to cause the host to crash or become unresponsive. The issue only affects systems with Intel CPUs where the malicious guest VM has had a physical PCI device assigned to it by th...
Citrix Hypervisor Security Updates
Description of Problem Modern CPUs contain random number generators that provide entropy randomness to the software running on those processors to use for purposes such as generating cryptographic encryption keys. Software can obtain entropy by using the RDRAND and RDSEED instructions. A security...
Citrix XenServer Multiple Security Updates
Description of Problem A number of security issues have been identified within Citrix XenServer. These issues could, if exploited, allow a malicious administrator of a guest VM to compromise the host. The issues have the identifiers: CVE-2017-10920, CVE-2017-10921 and CVE-2017-10922 High: Grant...
Citrix Optimizer Tool
Citrix Optimizer Tool - v3.5.0.1 Created Date: Jun 21, 2017 Updated Date: Mar 12, 2025 SHA 256 Checksum: D8DCBF77BAE73E2EB4F8F6DCF408AFE90714230A15D3EB7390933D8DFB339044 To help us improve the Citrix Optimizer Tool, please send your feedback to https://forms.gle/TwWrKPT6J8u7GdKA6. Please note: Yo...
CVE-2014-0160 - Citrix Security Advisory for the Heartbleed vulnerability
Overview A vulnerability has been recently disclosed in OpenSSL that could result in remote attackers being able to obtain sensitive data from the process address space of a vulnerable OpenSSL server or client. The issue has been assigned the following CVE identifier and is also known as the...
Citrix Hypervisor Security Update
Description of Problem A number of security issues have been identified in certain CPU hardware that may allow unprivileged code running on a CPU core to infer the value of memory data belonging to other processes, virtual machines or the hypervisor that are, or have recently been, running on the...
Citrix Hypervisor Security Bulletin for CVE-2023-23583 and CVE-2023-46835
Description of Problem An issue has been discovered that affects Citrix Hypervisor 8.2 CU1 LTSR and may allow malicious privileged code in a guest VM to compromise an AMD-based host via a passed through PCI device CVE-2023-46835. In addition, Intel has disclosed a security issue affecting certain...
Citrix Hypervisor Security Update for CVE-2023-20593
Description of Problem AMD has released updated microcode to address an issue with certain AMD CPUs. Although this is not an issue in the Citrix Hypervisor product itself, we have released a hotfix that includes this microcode to mitigate this CPU hardware issue. This issue has the following...
Citrix VDA Cleanup Utility Tool
Note: Please note: You can download the required file from the Citrix downloads website by visiting the following link:https://www.citrix.com/downloads/citrix-tools All references to VDA in this article are to the Windows version of VDA. Citrix recommends that you use the built-in uninstaller to...
Failed to launch session "session_name". Error code: 2519 on Citrix Workspace App During App/Desktop Launch
This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. This article is intended for Citrix administrators and technical teams only. Non-admin users must...
Cloud Software Group Security Advisory for CVE-2024-3661
Cloud Software Group has evaluated the impact of vulnerability CVE-2024-3661 on our products. This vulnerability may allow an attacker on the same local network as the victim to read, disrupt, or modify network traffic expected to be protected by the VPN. Please find below the impact status: 1...
CVE-2019-13608 - XML External Entity (XXE) Processing Vulnerability in Citrix StoreFront Server
Description of Problem An XML External Entity XXE processing vulnerability has been identified in Citrix StoreFront Server that could allow an unauthenticated attacker to retrieve potentially sensitive information from the server. This vulnerability has been assigned the following CVE number: •...
Citrix Hypervisor Security Update
Description of Problem A security issue has been identified in Citrix Hypervisor that may allow privileged code running in a guest VM to infer details of some computations occurring in other VMs on the host. This may, for example, be used to infer a secret encryption key used by a web server in a...
CVE-2015-0235 - Citrix Security Advisory for glibc GHOST Vulnerability
Overview A vulnerability has been recently disclosed in the glibc gethostbyname function. This issue could potentially allow an attacker to inject code into a process that calls the vulnerable function. The issue is known as the GHOST vulnerability and has been assigned the following CVE...
Citrix Hypervisor Security Bulletin for CVE-2023-46838
Description of Problem An issue has been discovered that affects Citrix Hypervisor 8.2 CU1 LTSR and may allow malicious privileged code in a guest VM to cause the host to crash or become unresponsive. This issue has the following identifier: CVE-2023-46838 What Customers Should Do We have release...
Citrix Hypervisor Security Bulletin for CVE-2023-20569, CVE-2023-34319 and CVE-2022-40982
Description of Problem An issue has been discovered in Citrix Hypervisor 8.2 CU1 LTSR that may allow malicious, privileged code in a guest VM to cause the host to crash. This issue has the following identifier: CVE-2023-34319 In addition, Intel has disclosed a security issue affecting certain Int...
Citrix ADC and Citrix Gateway Security Update (CVE-2019-0140)
Description of Problem A vulnerability has been identified affecting Citrix Application Delivery Controller ADC formerly known as NetScaler ADC, and Citrix Gateway, formerly known as NetScaler Gateway, platforms which could result in privilege escalation via layer 2 network access on all network...
Citrix Workspace app for Windows Security Update
Description of Problem A vulnerability has been identified in the automatic update service of Citrix Workspace app for Windows that could result in: A local user escalating their privilege level to that of an administrator on the computer running Citrix Workspace app for Windows. A remote...
How to Change Order of NICs in XenServer
Theinterface-rename is a utility included in Citrix Hypervisor 8.2 Cumulative Update 1 and XenServer 8. This utility allows for granular management of network interface cards to facilitate renaming and reordering of them from the default installed configuration. The interface-rename utility refer...
Error "Socket Error 10054" When Launching Virtual Desktop
Error "Socket Error 10054" when launching Virtual Desktop...
Vulnerabilities in Citrix Workspace app and Receiver for Windows
Description of Problem Vulnerabilities have been identified in Citrix Workspace app and Citrix Receiver for Windows that could result in a local user escalating their privilege level to administrator during the uninstallation process. The issues have the following identifiers: CVE-2020-13884...
How to Collect a Citrix Diagnostic Facility (CDF) Trace at System Startup
The CDFControl utility is an event tracing controller or consumer for capturing Citrix Diagnostic Facility CDF trace messages displayed from various Citrix tracing providers. It is made to troubleshoot complex Citrix related issues, parse filter support, and collect performance data. To download...
Citrix Gateway Plug-in for Windows Security Bulletin for CVE-2022-21827
A vulnerability has been discovered in Citrix Gateway Plug-in for Windows Citrix Secure Access for Windows. If exploited, this issue would allow an adversary, who has gained local access to a computer with Citrix Gateway Plug-in installed, to corrupt or delete files as SYSTEM. This issue has the...
XenServer Multiple Security Updates
Description of Problem Several security issues have been identified that impact XenServer. Customers should consider these issues and determine possible impact to their own systems. These updates provide a mitigation for recently disclosed issues affecting Intel CPUs. These issues, if exploited,...