Multiple Vulnerabilities in Citrix XenMobile Server Could Allow for Arbitrary File Read
by CIRT Team
DESCRIPTION
Multiple vulnerabilities have been discovered in Citrix XenMobile Server, the most severe of which could allow for reading of arbitrary files on the server. XenMobile is software that provides mobile device management and mobile application management. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary file read, resulting in access to configuration data and further attacks.
IMPACT
Multiple vulnerabilities have been discovered in Citrix XenMobile Server, the most severe of which could allow for reading of arbitrary files on the server. Details of these vulnerabilities are as follows:
- A path traversal vulnerability that could allow reading of arbitrary files outside the web server root directory (CVE-2020-8209).
- One additional critical-rated vulnerability (CVE-2020-8208).
- Multiple medium or low severity vulnerabilities (CVE-2020-8210, CVE-2020-8211, CVE-2020-8212).
Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary file read, resulting in access to configuration data and further attacks.
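The path traversal issue above (CVE-2020-8209) belongs to a well-known class: a client-supplied path is joined onto the web server root without checking that the result still lies under that root. The following is an added example written for this advisory, not Citrix code; XenMobile's actual handlers, file paths and log format are not on the page, so the web root (`/var/www/html`) and the access-log lines are constructed for the demonstration. It shows the vulnerable resolution pattern beside a hardened one, and then runs the hardened check over sample log lines to flag requests whose decoded, normalised target escapes the root (a `..` that stays inside the root is not flagged).

```python
"""Path-traversal check and access-log review for the vulnerability class of CVE-2020-8209.

Added example, not Citrix code. WEB_ROOT and SAMPLE_LOG are constructed for the
demonstration; they are not XenMobile paths or real XenMobile logs.
"""
import posixpath
import re
from typing import Dict, List, Optional
from urllib.parse import unquote

WEB_ROOT = "/var/www/html"  # constructed web root, not a XenMobile path


def resolve_naively(requested: str) -> str:
    """Vulnerable pattern: decode the client path and join it to the root, trusting the result.

    '..' segments survive normalisation and an absolute request replaces WEB_ROOT
    entirely (posixpath.join semantics), so the returned path may lie outside the root.
    """
    decoded = unquote(requested)
    return posixpath.normpath(posixpath.join(WEB_ROOT, decoded))


def resolve_safely(requested: str) -> Optional[str]:
    """Hardened pattern: strip a leading slash, normalise, then require the result to stay under WEB_ROOT.

    Returns None when the request escapes the root; the caller should answer 400/404 and log it.
    Caveat: on a live filesystem also canonicalise with os.path.realpath so that a symlink
    under the root cannot point outside it. That step is omitted here so the example runs
    without real files.
    """
    decoded = unquote(requested).lstrip("/")
    candidate = posixpath.normpath(posixpath.join(WEB_ROOT, decoded))
    # commonpath compares whole path components, so '/var/www/htmlx' is not mistaken for the root.
    if posixpath.commonpath([WEB_ROOT, candidate]) != WEB_ROOT:
        return None
    return candidate


# Constructed access-log lines in common log format (not real XenMobile logs).
SAMPLE_LOG = """\
10.0.0.5 - - [12/Aug/2020:10:01:02 +0000] "GET /images/logo.png HTTP/1.1" 200 512
10.0.0.9 - - [12/Aug/2020:10:01:07 +0000] "GET /static/../../../../etc/passwd HTTP/1.1" 200 1024
10.0.0.9 - - [12/Aug/2020:10:01:09 +0000] "GET /static/..%2F..%2Fconf%2Fapp.properties HTTP/1.1" 404 0
10.0.0.5 - - [12/Aug/2020:10:01:15 +0000] "GET /docs/../index.html HTTP/1.1" 200 2048
"""

REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def find_traversal_attempts(log_text: str) -> List[Dict[str, object]]:
    """Return each request whose decoded, normalised target would escape WEB_ROOT.

    The decision is based on the resolved target rather than the mere presence of '..',
    so /docs/../index.html (which stays inside the root) is not reported.
    """
    hits: List[Dict[str, object]] = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue  # skip lines that are not request records
        if resolve_safely(m["path"]) is None:
            hits.append({"ip": m["ip"], "path": m["path"], "status": int(m["status"])})
    return hits


if __name__ == "__main__":
    print("naive  :", resolve_naively("../../../etc/passwd"))
    print("safe   :", resolve_safely("../../../etc/passwd"))
    for hit in find_traversal_attempts(SAMPLE_LOG):
        print("flagged:", hit)
```

A 200 status on a flagged request is the signal to treat as a probable successful read and to start the password reset and patch steps in the recommendations; a 404 on the same pattern still records an attempt worth correlating by source address.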
SYSTEMS AFFECTED
- XenMobile Server 10.12 before RP3
- XenMobile Server 10.11 before RP6
- XenMobile Server 10.10 before RP6
- XenMobile Server before 10.9 RP5
RECOMMENDATIONS
The following actions are recommended:
- Apply appropriate patches provided by Citrix to vulnerable systems immediately after appropriate testing.
- Reset the passwords of all users who logged in over the past 120 days, in case your organization was targeted by cyber threat actors.
- Apply the Principle of Least Privilege to all systems and services.
- Remind users not to visit untrusted websites or follow links provided by unknown or untrusted sources.
REFERENCES
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8208
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8209
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8210
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8211
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8212
https://support.citrix.com/article/CTX277457