5311 matches found
Citrix Hypervisor Security Bulletin for CVE-2023-20569, CVE-2023-34319 and CVE-2022-40982
Description of Problem An issue has been discovered in Citrix Hypervisor 8.2 CU1 LTSR that may allow malicious, privileged code in a guest VM to cause the host to crash. This issue has the following identifier: CVE-2023-34319 In addition, Intel has disclosed a security issue affecting certain Int...
Citrix Hypervisor Security Update
Description of Problem A security issue has been identified in Citrix Hypervisor that may allow privileged code running in a guest VM to infer details of some computations occurring in other VMs on the host. This may, for example, be used to infer a secret encryption key used by a web server in a...
Citrix Workspace app for Windows Security Update
Description of Problem A vulnerability has been identified in the automatic update service of Citrix Workspace app for Windows that could result in: A local user escalating their privilege level to that of an administrator on the computer running Citrix Workspace app for Windows. A remote...
Vulnerabilities in Citrix Workspace app and Receiver for Windows
Description of Problem Vulnerabilities have been identified in Citrix Workspace app and Citrix Receiver for Windows that could result in a local user escalating their privilege level to administrator during the uninstallation process. The issues have the following identifiers: CVE-2020-13884...
XenServer Multiple Security Updates
Description of Problem Several security issues have been identified that impact XenServer. Customers should consider these issues and determine possible impact to their own systems. These updates provide a mitigation for recently disclosed issues affecting Intel CPUs. These issues, if exploited,...
Troubleshooting thin provisioning for shared block storage on XenServer
XenServer and Citrix Hypervisor use GFS2 to provide the ability to set up thin provisioning with a shared block storage device. Pools that use GFS2 to thin provision their shared block storage are clustered and behave differently to pools that use shared file-based storage or LVM with shared bloc...
Citrix Hypervisor Security Update for CVE-2024-31497
Description of Problem Versions of XenCenter for Citrix Hypervisor 8.2 CU1 LTSR included a 3rd-party component, PuTTY, that is used to enable SSH connections from XenCenter to guest VMs when the “Open SSH Console” button is selected. The inclusion of PuTTY with XenCenter for Citrix Hypervisor 8.2...
Citrix Gateway Plug-in for Windows Security Bulletin for CVE-2022-21827
A vulnerability has been discovered in Citrix Gateway Plug-in for Windows Citrix Secure Access for Windows. If exploited, this issue would allow an adversary, who has gained local access to a computer with Citrix Gateway Plug-in installed, to corrupt or delete files as SYSTEM. This issue has the...
Citrix StoreFront Security Bulletin for CVE-2022-27503
A reflected cross-site scripting XSS issue has been discovered in Citrix StoreFront when it is configured to use SAML authentication. If exploited, this issue would allow an attacker to execute client-side JavaScript in the same context as a legitimate user. This issue has the following identifie...
Citrix Workspace App: "An account is not configured. Please contact your administrator."
User sees a dialog box from Citrix Workspace: An account is not configured. Please contact your administrator...
Citrix SD-WAN Security Update
Description of Problem Multiple denial of service vulnerabilities have been identified in the Citrix SD-WAN Appliance and Citrix SD-WAN Center Management Console. These vulnerabilities could permit a remote attacker to cause a denial of service by causing a host crash or by causing reduced servic...
Workspace error 2306 happen when ICA file located in path which contains Chinese characters
Workspace error 2306 happen when ICA file located in path which contains Chinese character. Error message "Could not find the file named "C:??\.ica. Please check your installation , or contact your administrator."...
Citrix DaaS 2402 CU2 - MCS Catalog update fails with MDM error
StudioErrorId : ProvisioningTaskError ErrorCategory : NotSpecified TaskState : FailedToUnregisterMasterImageFromMdm TaskStateInformation : Terminated ErrorId : FailedToUnregisterMasterImageFromMdm Operation : ImagePreparation ErrorMessage : A problem was detected while unregistering from the MDM...
Licensing - We encounter the error "Citrix license server unavailable" in Citrix Studio.
After successfully upgrading the Citrix licensing server to version 11.17.2 build 51000, we encounter the error "Citrix license server unavailable" in Citrix Studio. The error in Licensing Manager "The License Activation Service entitlement could not be retrieved, Check your connection to License...
Citrix Workspace App for Linux Security Update
A vulnerability has been identified in Citrix Workspace app for Linux that could result in a local user elevating their privilege level to root on the computer running Citrix Workspace app for Linux. The vulnerability has the following identifier: CVE ID| Description| Vulnerability Type|...
Citrix XenServer Multiple Security Updates
Description of Problem A number of security vulnerabilities have been identified in Citrix XenServer that may allow a malicious administrator of a guest VM to compromise the host. These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix XenServe...
PVS configuration wizard error - Unable to communicate with license server
When upgrading the PVS farm to PVS 2402, PVS configuration wizard could not progress further if "Validate license server communication" was checked, displaying an error "Unable to communicate with the license server, or the license server version is not compatible with this version of Citrix...
How to Deploy Citrix Gateway Plug-in and Endpoint Analysis Installer Packages for Windows by Using Active Directory Group Policy
This article contains information about deploying the Citrix Gateway Plug-in and Endpoint Analysis EPA Microsoft Installer MSI packages for Windows by using an Active Directory Group Policy. If users do not have administrative privileges to install the Citrix Gateway Plug-in and EPA Plug-in on th...
Citrix Hypervisor Security Bulletin for CVE-2022-23825 and CVE-2022-29900
AMD has disclosed an issue that affects AMD CPU hardware and may allow code inside a guest VM to infer the contents of RAM memory elsewhere on the host. Although this is not an issue in the Citrix Hypervisor product itself, Citrix is releasing hotfixes that include product changes to mitigate thi...
CVE-2018-3639 - Citrix XenServer Security Update
Description of Problem CVE-2018-3639 Speculative Store Bypass Disable is an issue that may affect third-party software that runs in guest VMs on Citrix XenServer. This is not an issue caused by Citrix XenServer and Citrix is unaware of any means of exploiting this issue against XenServer itself...
CVE-2015-7547 - Citrix Security Advisory for glibc Vulnerability
Overview A vulnerability has been recently disclosed in the glibc getaddrinfo function. This issue could potentially allow an attacker to inject code into a process that calls the vulnerable function. The issue has been assigned the following CVE identifier: CVE-2015-7547: The vulnerable function...
XenServer and Citrix Hypervisor Security Update for CVE-2024-5661
An issue has been identified in both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR which mayallow a malicious administrator of a guest VM to cause the host to become slow and/or unresponsive. This issue has the following identifier: CVE-2024-5661 CVE-2024-5661 affects all deployments. Summary CV...
Citrix XenMobile 10.x Multiple Security Updates
Description of Problem A number of security vulnerabilities have been identified in Citrix XenMobile Server. The vulnerabilities have been assigned the following CVE numbers. Affecting XenMobile Server 10.7 and 10.8: CVE-2018-10653 High: XML External Entity XXE Processing Vulnerability in Citrix...
Wfica32.exe crashes when attempting to launch new session
Wfica32.exe crashes when attempting to launch Citrix ICA session from client side. From the client's Windows application logs, the following errors are noticed. ・Application Error with Event ID 1000 which indicates the faulting application name is WFICA32.EXE. ・Application Error with Event ID 1...
Citrix Hypervisor Multiple Security Updates
Description of Problem Several issues have been discovered that affect Citrix Hypervisor 8.2 CU1 LTSR and may allow malicious privileged code in a guest VM to: i Compromise an AMD-based host via a passed through PCI device: CVE-2023-34326 ii Compromise the host when a specific administrative acti...
Citrix Hypervisor Security Update.
Description of Problem A vulnerability has been found in Citrix Hypervisor formerly Citrix XenServer that may allow an unauthenticated attacker with the ability to send traffic to a host over a management or storage network to cause the host to crash. This vulnerability is identified as: •...
Citrix Hypervisor Security Update
An issue has been identified in AMD CPU hardware that may allow code in a guest VM to infer the value of in-memory data in other guest VMs. Although this is not an issue in the Citrix Hypervisor product itself, Citrix is releasinghotfixes that include mitigations for this hardware issue. This iss...
Citrix Hypervisor Multiple Security Updates
Description of Problem Several issues have been identified within Citrix Hypervisor, which could, if exploited, allow: privileged code in a PV guest VM to read a single uninitialized 4kB page of memory that may contain data left by a previous VM privileged code in a guest VM to cause the host to...
CVE-2018-3665 - Citrix XenServer Security Update
Description of Problem An issue has been identified in certain CPUs that may allow code running in a guest VM to read data from another process in the same VM or another VM running on the same host. The data that can be read is limited to specific CPU registers rather than memory or disk storage;...
Citrix XenServer Multiple Security Updates
Description of Problem A number of security vulnerabilities have been identified in Citrix XenServer that may allow a malicious administrator of a guest VM to compromise the host. These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix XenServe...
PVS 1912CU5 on Windows 2012 R2 with KB501874: The specified AuthGroup does not exist
PVS console fails to login with error: "The specified AuthGroup does not exist"...
Citrix Hypervisor Security Bulletin for CVE-2022-33745
A security issue has been identified in Citrix Hypervisor 7.1 LTSR CU2 that may allow privileged code in a PV guest VM to fail to perform management operations. The issue has the following CVE identifier: CVE-2022-33745...
Citrix SDWAN Security Bulletin for CVE-2024-2049
A vulnerability has been identified that impacts Citrix SD-WAN Affected Versions: The vulnerability affects the following supported versions of Citrix SD-WAN SD-WAN Standard/Premium Editions on or after 11.4.0 and before 11.4.4.46 Summary: SDWAN contains the vulnerability mentioned below...
Citrix Hypervisor Security Update
Description of Problem Several security issues have been identified in Citrix Hypervisor formerly Citrix XenServer that may allow privileged code in a guest VM to cause the host to crash or become unresponsive. In addition, unprivileged code in a PV guest VM may be able to cause that guest VM to...
Citrix Hypervisor Security Update
Description of Problem A number of vulnerabilities have been found in Citrix Hypervisor formerly Citrix XenServer that allow the host to be compromised by: i. Privileged code in a guest VM that has been assigned a PCI passthrough device ii. Privileged code in a PV guest VM iii. Unprivileged code ...
Citrix Licensing - powershell cmdlets failing with CommunicationError
Citrix.Licensing.Admin.V1 cmdlets Get-LicCertificate, Get-LicInventory stopped working after License Server upgrade to 11.17.2.0. Build 51000. Citrix Licensing PowerShell Snap-In is installed and used directly on the License Server. Error: CommunicationError CategoryInfo: InvalidOperation Example...
Citrix Hypervisor Security Update for CVE-2023-39368 and CVE-2023-38575
Description of Problem Intel has disclosed several security issues affecting certain Intel CPUs. Although these are not vulnerabilities in the Citrix Hypervisor product itself, for the convenience of our customers we are providing a hotfix that includes updated Intel microcode to mitigate these C...
CVE-2019-11634 - Improper Access Control Vulnerability in AppDNA
Description of Problem A vulnerability has been identified in AppDNA that could result in access controls not being enforced when accessing the web console potentially allowing privilege escalation and remote code execution. This vulnerability has been assigned the following CVE number: •...
Citrix Hypervisor Security Bulletin for CVE-2022-42316, CVE-2022-42317 & CVE-2022-42318
Description of Problem Several security issues have been identified in Citrix Hypervisor 8.2 LTSR CU1, each of which may allow a privileged user in a guest VM to cause part of the management service to become unresponsive, resulting in the inability to create new guests or modify the configuratio...
Citrix Endpoint Management (CEM) Security Update
Description of Problem Multiple vulnerabilities have been discovered inCitrix Endpoint Management CEM,also referred to asXenMobile. These vulnerabilitieshavethe following identifiers: CVE-2020-8208 CVE-2020-8209 CVE-2020-8210 CVE-2020-8211 CVE-2020-8212 CVE-2020-8253 The following versions ofCitr...
Citrix XenServer Security Update
Description of Problem A number of security vulnerabilities have been identified in Citrix XenServer that have deployment-dependent impacts. These issues affect the following supported versions of Citrix XenServer: Citrix XenServer 7.6 Citrix XenServer 7.5 Citrix XenServer 7.1 LTSR CU1 Citrix...
CVE-2017-15597 - Citrix XenServer Security Update
Description of Problem A security vulnerability has been identified in Citrix XenServer that may allow a malicious administrator of a guest VM to compromise the host. This vulnerability affects all currently supported versions of Citrix XenServer up to and including Citrix XenServer 7.2. The...
Citrix XenServer Multiple Security Updates
Description of Problem A number of security vulnerabilities have been identified in Citrix XenServer that may allow a malicious administrator of a guest VM to compromise the host. These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix XenServe...
XenCenter 2024.2.0 - For Citrix Hypervisor and XenServer
Who Should Install This Update? This XenCenter update is for customers who use XenCenter as the management console for Citrix Hypervisor 8.2 CU1 and XenServer 8. This version of XenCenter supersedes any previous version of XenCenter. It constitutes the following deliverable: File Name|...
CVE-2016-7777 - Citrix XenServer Security Update
Description of Problem A security vulnerability has been identified in Citrix XenServer that may allow malicious user code within an HVM guest VM to read or modify the contents of certain registers belonging to other tasks within that same guest VM. This vulnerability affects all currently...
Citrix Workspace App for Windows crash due to .NET 9.0.5
If you have any Current Release of Citrix Workspace App 2409.10 or higher, or LTSR version 2402 CU3 or higher and .NET Desktop Runtime 9.0.5 installed, receiver.exe could crash post session launch. Post crash, the systray icon would show up only two options - Open and Exit...
VDA machines stuck at Initializing for Hybrid Azure AD join
For Citrix MCS provisioned Hybrid Azure AD joined machine catalogs, the VDA machines might be stuck at “Initializing” status after startup. And when you login to the VDA machines and execute the “dsregcmd /status /debug” command, you will find below error message under “Diagnostic Data” “Server...
Citrix ShareFile Storage Zones Controller Security Update
A security issue has been identified in Citrix ShareFile storage zones controller which, if exploited, would allow an unauthenticated attacker to remotely compromise the storage zones controller. The issue has been given the following identifier:CVE-ID| Description| Type| Pre-requisites...
How to collect logs for Citrix Workspace App for Windows
This article is intended for Citrix administrators and technical teams only.Non-admin users must contact their company’s Help Desk/IT support team and can refer toCTX297149for more information This article describes the steps for collecting logs and key data from Citrix Workspace app for Windows...
Citrix Hypervisor Security Update
Description of Problem Two issues have been identified in Citrix Hypervisor that may, in certain configurations, allow privileged code in an HVM guest VM to execute code in the control domain, potentially compromising the host. These vulnerabilities affect all currently supported versions of Citr...