5311 matches found
CVE-2017-17549 - Information Disclosure in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway Client TLS Handshake
Description of Problem A vulnerability has been identified in the Citrix NetScaler Application Delivery Controller ADC and NetScaler Gateway Packet Engine that could result in the disclosure of cleartext traffic from the backend client TLS handshake. This vulnerability only affects connections...
FAQ: What are the Difference Between WANOP, Standard and Enterprise Edition Licenses of NetScaler SD-WAN ?
Q: What is the difference between WANOP, Standard and Enterprise Edition license of NetScaler SD-WAN? A : With WANOPEdition License you can only have WAN Optimization feature which is applicable on NetScaler SD-WAN Version 7.x and below, 9.0.1, 9.1.0 +. With Standard Edition License you can only...
CVE-2012-5161 - Vulnerability in Citrix XenApp could result in arbitrary code execution
Description of Problem A vulnerability has been identified in the XML Service interface of XenApp that could potentially be used by a remote, unauthenticated attacker to execute arbitrary code in the context of a service account on a XenApp server. The vulnerability could potentially be exploited...
uberAgent service startup fails with error 13
uberAgent service is not running. Attempt to start the service fails. Error message: Windows could not start the uberAgent service on Local Computer.Error 13: The data is invalid. uberAgent log file located in C:\Windows\Temp default location shows the errors: 2025-03-17 10:23:55.706...
NetScaler Console, Agent and SDX (SVM) Security Bulletin for CVE-2024-6235 and CVE-2024-6236
Description of Problem Two vulnerabilities have been discovered in NetScaler Console formerly NetScaler ADM, NetScaler SDX SVM, and NetScaler Agent. Refer to below for further details: Affected Versions The following supported version of NetScaler Console formerly NetScaler ADM is affected by...
Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance Security Update
Description of Problem Multiple vulnerabilities have been discovered in Citrix ADC formerly known as NetScaler ADC, Citrix Gateway formerly known as NetScaler Gateway and Citrix SD-WAN WANOP appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could result...
CVE-2020-6175 - Citrix SD-WAN Security Update
Description of Problem An information disclosure vulnerability has been identified in the Citrix SD-WAN Appliance. This vulnerability could allow an unauthenticated attacker to perform a man-in-the-middle attack against management traffic. The vulnerability has been assigned the following CVE...
Citrix Provisioning - SoapService errors in the event viewer after installing 2042 CU2
Since installing 2402 CU2 there are multiple errors in the event viewer. The event logged during Citrix PVS Soap Server start: Source: SoapService Event ID: 1 Level: Error Event Data:MapiException: ErrorCodeOtherException An unexpected MAPI error occurred. The event logged every 5 minutes: Source...
Citrix Hypervisor Security Bulletin for CVE-2020-35498
An issue has been identified in Citrix Hypervisor 8.2 LTSR CU1 Hotfix XS82ECU1008 only that may allow malicious network traffic to cause subsequent packets to be dropped. This issue has the following identifier: CVE ID| Description| Type| Pre-requisites ---|---|---|--- CVE-2020-35498| Malicious...
CVE-2013-6077 - Vulnerability in XenDesktop 7.0 Upgrade Could Result in Policy Bypass
Description of Problem A vulnerability has been identified in Citrix XenDesktop 7.0 that could prevent policy rules from being correctly applied following an upgrade from earlier versions of Citrix XenDesktop. This vulnerability affects deployments of Citrix XenDesktop that have been upgraded fro...
Citrix Cloud Intermittent loss of connectivity to On-Prem AD
When attempting to run MCS Process - Ran into issues contacting the On-Prem Active Directory Citrix.CloudServices.ADAgent EventID 10102 Errors: Message=Unable to connect to the forest associated with domain "DOMAINNAME.local"...
Citrix Session Recording Security Bulletin for CVE-2023-6184
A vulnerability has been discovered in Citrix Session Recording, which, if exploited, may result in an authenticated user being able to perform an RCE. Affected Versions: The following supported versions of Citrix Session Recording are affected by the vulnerability: Current Release CR Citrix...
Event ID: 28 "Could not contact any Federated Authentication Servers"
Users are unable to launch Citrix sessions from a FAS enabled store and observe the error - 'Cannot start desktop '. On the StoreFront servers, we observe Event ID: 28 stating - 'Failed to launch the resource 'XXXXXX' using the Citrix XML Service at address '??'. It was not possible to select a...
Users receive error "Try again after some time or contact your help desk" at login
While accessing ADC Gateway or Authentication page, in certain conditions users received one of these two errors: "Try again after some time or contact your help desk". "Malformed assertion sent to Netscaler" Users redirected to Login page. To validate this is the cause, you can check ADC syslogs...
Citrix XenServer Multiple Security Updates
Description of Problem A number of security vulnerabilities have been identified in Citrix XenServer that may allow malicious code running in a PV guest VM to compromise the host and malicious privileged code running in an HVM guest VM to crash the host. These vulnerabilities affect all currently...
PVS boot fails for Server 2025 based PVS vdisks running on Azure and Hyperv after windows update
When applying windows updates to a PVS vdisk with Server 2025 which is running on Azure or Hyper-V, after rebooting to finish installing windows updates, PVS boot fails. Issue when applying windows updates to a PVS Streamed server 2025 vdisk: 1. The vdisk is booted in read/write mode 2. Windows...
Citrix Workspace app for Windows Security Bulletin CVE-2024-6286
Description of Problem A vulnerability has been discovered that impacts the Citrix Workspace app for Windows. Refer to below for further details: Affected Versions The vulnerability affects the following supported versions of the Citrix Workspace app for Windows Current Release CR Citrix Workspac...
Reporting: "Error retrieving data source. Return code=257. Error message=Operation not permitted."
The message "Error retrieving data source. Return code = 257. Error message = Operation not permitted" is displayed when clicking Reporting on NetScaler:...
Citrix SD-WAN Multiple Security Updates
Description of Problem Multiple vulnerabilities have been identified in the management console of the Citrix SD-WAN Center and NetScaler SD-WAN Center. Multiple Vulnerabilities have also been identified on the Citrix SD-WAN Appliance and NetScaler SD-WAN Appliance. Collectively, these...
CVE-2016-9603 - Citrix XenServer Security Update
Description of Problem A security issue has been identified within Citrix XenServer. This issue could, if exploited, allow the administrator of an HVM guest VM to compromise the host. The following vulnerability has been addressed: CVE-2016-9603 High: QEMU: Cirrus VGA Heap overflow via display...
Understanding Zero Touch Certificate Management (ZTCM) in Citrix NetScaler
Summary: This article addresses frequently asked questions regarding the behavior of Zero Touch Certificate Management ZTCM in Citrix NetScaler, including how it handles certificate synchronization, SNI-based certificate selection, and coexistence with legacy configurations...
エラー番号 2306 が発生し、セッションの起動に失敗します
セッションの起動時にエラー番号 2306 が発生し、起動に失敗する場合があります。 エラーメッセージ: Citrix Workspace Configuration Manager: XXXXX.ica という名前のファイルが見つかりませんでした。インストールを確認するか、管理者に連絡してください。...
Citrix Hypervisor Security Update
Several security issues have been discovered in Citrix Hypervisor that, collectively, may allow privileged code in a guest VM to compromise or crash the host. These issues have the following identifiers: CVE-ID| Description| Pre-requisites ---|---|--- CVE-2021-28694| Host denial of service|...
"Citrix gateway plug-in for java is not supported" on all web browsers except IE
After upgrading ADCsoftware to 13.0 7+ The following isthe error message users will see on web browsers: Citrix Gateway Plug-in for Java is not supported. For further help or information, contact your help desk or system administrator."...
Citrix Gateway Service – Points-of-Presence (PoPs)
In order to ensure business continuity and assure quality of service for customers using Citrix Gateway service for HDX proxy, we are expanding the number of PoPs available globally. This change impacts Citrix Workspace and Citrix Virtual Apps & Desktops service customers. Customers may see netwo...
App Layering/Unidesk: Boot failure after windows updates cmimcext.sys
Windows updates causes server to fail boot with error message file missing cmimcext.sys. BSOD with0xc000000f stop code. This can apply to a newly imported OS layer or to a new version of an existing OS layer...
How do I resolve a failed Cloud Connector maintenance
A Cloud Connector will enter maintenance mode for a number of reasons including software updates. Only one connector will be put into maintenance mode at a time. This ensures that there are other connectors available to handle service requests. In some cases, the Cloud Connector may fail to updat...
CVE-2016-9637 - Citrix XenServer Security Update
Description of Problem A security vulnerability has been identified in Citrix XenServer that may allow malicious privileged-mode code running within an HVM guest VM to compromise the host. This vulnerability affects all currently supported versions of Citrix XenServer up to and including Citrix...
CVE-2016-2789 - Persistent Cross-Site Scripting Vulnerability in Citrix XenMobile Server 10.x Web User Interface
Description of Problem A Cross-Site Scripting XSS vulnerability has been identified in XenMobile Server 10.x. This vulnerability could potentially be used to execute malicious client-side script in the same context as legitimate content from the web server; if this vulnerability is used to execut...
CVE-2019-11550 - Citrix SD-WAN Security Update
Description of Problem An information disclosure vulnerability has been identified in the Citrix SD-WAN Appliance. This vulnerability could allow an unauthenticated attacker to perform a man-in-the-middle attack against management traffic. The vulnerability has been assigned the following CVE...
Citrix XenServer Multiple Security Updates
Description of Problem A number of vulnerabilities have been identified within Citrix XenServer that could, if exploited, allow a malicious administrator of a guest VM to crash the host and, for some XenServer versions, allow a remote attacker to compromise the host. The following vulnerabilities...
CVE-2017-17382 - TLS Padding Oracle Vulnerability in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway
Description of Problem A vulnerability has been identified in the Citrix NetScaler Application Delivery Controller ADC and NetScaler Gateway Packet Engine that could allow an attacker to exploit the appliance to decrypt TLS traffic. This vulnerability has been assigned the following CVE:...
CVE-2015-8277 - Citrix Licensing Security Updates
Description of Problem A vulnerability has been identified in Citrix Licensing that could allow a remote, unauthenticated attacker to crash the License Server and potentially execute arbitrary code on the server. This vulnerability affects the following products: Citrix License Server for Windows...
Citrix Virtual Apps and Desktops 2402 CU2 expired certificate
Citrix Virtual Apps and Desktops CVAD 2402 LTSR Cumulative Update 2 CU2 2402.0.2100 contains installers and binaries signed with a now-expired code signing certificate. File signatures are considered valid if either: A timestamp was included at the time of signing, or The certificate used for...
ADC: ICMP Timestamp Request Remote Date Disclosure Vulnerability (CVE-1999-0524)
Vulnerability scan is flagging NetScaler device as vulnerable to ICMP Timestamp Request Remote Date Disclosure Vulnerability CVE-1999-0524 even when an ACL already exists to block ICMP type 13 traffic...
Citrix Workspace app for HTML5 Security Bulletin CVE-2024-6148 and CVE-2024-6149
Description of Problem Two vulnerabilities have been discovered that impact the Citrix Workspace app for HTML5. Refer to below for further details: Affected Versions The vulnerabilities affect the following supported versions of the Citrix Workspace app for HTML5. Citrix Workspace app for HTML5...
How to delete profile at logoff without profile saved on user store
Citrix Profile Mangement is often used with a shared storage, but some environments prevent the using of shared storage, and also want to use the function of delete locally cached profiles at logff in UPM. This article tells how to achieve this goal...
[NetScaler] SDX reports "Appliance is running in grace" Error
SDX has instance license CNSINSTCCS checked from ADM. And SDX may report error "Appliance is running in grace. System will loose capacity after XYZ hours"...
Windows 11 VDA machines stuck at Initializing for Azure AD or Hybrid Azure AD
For Citrix MCS provisioned Azure AD or Hybrid Azure AD joined machine catalogs that use Windows 11 22H2 or 23H2 as master VMs’ OS, the VDA machines might be stuck at “Initializing” status after startup. And when you login to the VDA machines and execute the “dsregcmd /status” command, “Provider:...
Citrix Hypervisor Security Bulletin for CVE-2022-33748 & CVE-2022-33749
Several security issues have been identified in Citrix Hypervisor 8.2 LTSR CU1. These are: A malicious privileged user in a guest VM working in collaboration with a malicious privileged user in another guest VM can cause the host to crash or become unresponsive. This issue has the following CVE...
FAS raises error "Server [*****$] is not authorized to assert identities using rule
After clicking the icon, the APP launch fails with following event log on FAS server Log Name: Application Source: Citrix.Authentication.FederatedAuthenticationService Date: 7/12/1999 10:10:04 AM Event ID: 101 Task Category: None Level: Warning Keywords: Classic User: N/A Computer: FASTEST.fasS.c...
NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2024-5491 and CVE-2024-5492
Description of Problem Two vulnerabilities have been discovered in NetScaler ADC formerly Citrix ADC and NetScaler Gateway formerly Citrix Gateway. Refer to below for further details: Affected Versions The following supported versions of NetScaler ADC and NetScaler Gateway are affected by the...
Citrix ShareFile StorageZones Controller Multiple Security Updates
Description of Problem Two security issues have been identified within Citrix ShareFile StorageZones Controller that, if exploited, could allow a compromised or malicious ShareFile user to write arbitrary files as that Active Directory user to the local file system, and also to discover the full...
Citrix Security Acknowledgements
Citrix would like to thank security researchers who have worked with us to secure Citrix products and services. 2019 Vahagn Vardanian Mohammed Israil Nicholis du Toit Archit Garg of Careem Ismail Tasdelen Andrea Pessione of SKIT Cyber Security Armando Huesca of SKIT Cyber Security Asher Bin Khali...
CVE-2018-5314 - Authentication Bypass Vulnerability in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway
Description of Problem A vulnerability has been identified in the management interface of Citrix NetScaler Application Delivery Controller ADC and NetScaler Gateway that, if exploited, could allow an unauthenticated attacker with access to the NetScaler management interface to bypass authenticati...
Critical Error: "An error occurred communicating with the Server" when adding a server to a store
When adding a server to a store in PVS console, the console hangs, then after a few seconds the message Critical Error: "An error occurred communicating with the Server" is seen, and the soap service crashes. A soap service crash dump may show an exception due to the stack overflow, where it has...
CVAD: How to install Citrix Profile Management WMI Plug-in on the VDA
This article lists the steps to install the Citrix Profile Management WMI Plug-in on the VDA...
How to Fix the Uninstall of StoreFront
This article describes how to fix the uninstall of Citrix StoreFront when installed using a non-English UI. When StoreFront is installed under these conditions, uninstall will fail with error code 1605, erroneously indicating the product is not installed...
PVS Login error: Error "the domain\user does not have access to the farm" or "The specified AuthGroup does not exist" when Trying to Connect to PVS Farm
When trying to connect to a PVS Farm through the PVS Console, the following error is displayed and you cannot connect to the Farm. Error : "the domain\user does not have access to the farm" Error : "The specified AuthGroup does not exist"...
Does CWAL support http store
This article is intended for Citrix administrators and technical teams only.Non-admin users must contact their company’s Help Desk/IT support team and can refer toCTX297149for more information Does CWAL supports http store in Native receiver or Storebrowse?...