Summary
This host is installed with Citrix Licensing Administration Console and is prone to security bypass and denial of service vulnerabilities.
Impact
Successful exploitation could allow remote attackers to bypass certain security restrictions and cause denial-of-service condition.
Impact Level: Application
Solution
Upgrade to Citrix Licensing Administration Console 11.10 or later.
For updates refer to
http://www.citrix.com/downloads.html
Insight
The flaws are caused by errors in a third-party component that is used by the administration console, which could allow an attacker to cause a denial of service or gain unauthorized access to some license administration functionality by tricking an administrator into visiting a malicious web site.
Affected
Citrix Licensing Administration Console 11.6 and Prior.
References
Severity
Classification
-
CVE CVE-2011-1101 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- 1024 CMS 1.1.0 Beta 'force_download.php' Local File Include Vulnerability
- Adobe ColdFusion Multiple Path Disclosure Vulnerabilities
- Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
- Abtp Portal Project 'ABTPV_BLOQUE_CENT' Parameter Local and Remote File Include Vulnerabilities
- Apache Solr XML External Entity(XXE) Vulnerability-01 Jan-14