Citrix: >> Xenapp >> 6.5.0.0 Security Vulnerabilities
Citrix XenApp 6.5, when 2FA is enabled, allows a remote unauthenticated attacker to ascertain whether a user exists on the server, because the 2FA error page only occurs after a valid username is entered. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
CVSS Score
5.3
EPSS Score
0.01
Published
2020-06-11
Citrix XenApp 6.x before 6.5 HRP07 and 7.x before 7.9 and Citrix XenDesktop before 7.9 might allow attackers to weaken an unspecified security mitigation via vectors related to memory permission.
CVSS Score
9.8
EPSS Score
0.022
Published
2016-08-19
The XML Service interface in Citrix XenApp 6.5 and 6.5 Feature Pack 1 allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS Score
9.3
EPSS Score
0.074
Published
2012-12-26