Citrix Sharefile Storagezones Controller
By the Year
In 2024 there have been 0 vulnerabilities in Citrix Sharefile Storagezones Controller . Sharefile Storagezones Controller did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 3 | 9.03 |
| 2020 | 3 | 7.50 |
| 2019 | 0 | 0.00 |
| 2018 | 2 | 3.70 |
It may take a day or so for new Sharefile Storagezones Controller vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Citrix Sharefile Storagezones Controller Security Vulnerabilities
Improper Access Control in Citrix ShareFile storage zones controller before 5.11.20 may
CVE-2021-22941
9.8 - Critical
- September 23, 2021
Improper Access Control in Citrix ShareFile storage zones controller before 5.11.20 may allow an unauthenticated attacker to remotely compromise the storage zones controller.
An issue has been identified in the CTX269106 mitigation tool for Citrix ShareFile storage zones controller
CVE-2021-22932
7.5 - High
- August 16, 2021
An issue has been identified in the CTX269106 mitigation tool for Citrix ShareFile storage zones controller which causes the ShareFile file encryption option to become disabled if it had previously been enabled. Customers are only affected by this issue if they previously selected Enable Encryption in the ShareFile configuration page and did not re-select this setting after running the CTX269106 mitigation tool. ShareFile customers who have not run the CTX269106 mitigation tool or who re-selected Enable Encryption immediately after running the tool are unaffected by this issue.
Missing Encryption of Sensitive Data
A missing authorization vulnerability exists in Citrix ShareFile Storage Zones Controller before 5.7.3, 5.8.3, 5.9.3, 5.10.1 and 5.11.18 may
CVE-2021-22891
9.8 - Critical
- May 27, 2021
A missing authorization vulnerability exists in Citrix ShareFile Storage Zones Controller before 5.7.3, 5.8.3, 5.9.3, 5.10.1 and 5.11.18 may allow unauthenticated remote compromise of the Storage Zones Controller.
AuthZ
In certain situations, all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020
CVE-2020-7473
7.5 - High
- May 07, 2020
In certain situations, all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, allow unauthenticated attackers to access the documents and folders of ShareFile users. NOTE: unlike most CVEs, exploitability depends on the product version that was in use when a particular setup step was performed, NOT the product version that is in use during a current assessment of a CVE consumer's product inventory. Specifically, the vulnerability can be exploited if a storage zone was created by one of these product versions: 5.9.0, 5.8.0, 5.7.0, 5.6.0, 5.5.0, or earlier. This CVE differs from CVE-2020-8982 and CVE-2020-8983 but has essentially the same risk.
Directory traversal
An unauthenticated arbitrary file read issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller
CVE-2020-8982
7.5 - High
- May 07, 2020
An unauthenticated arbitrary file read issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020. RCE and file access is granted to everything hosted by ShareFile, be it on-premise or inside Citrix Cloud itself (both are internet facing). NOTE: unlike most CVEs, exploitability depends on the product version that was in use when a particular setup step was performed, NOT the product version that is in use during a current assessment of a CVE consumer's product inventory. Specifically, the vulnerability can be exploited if a storage zone was created by one of these product versions: 5.9.0, 5.8.0, 5.7.0, 5.6.0, 5.5.0, or earlier. This CVE differs from CVE-2020-7473 and CVE-2020-8983.
Directory traversal
An arbitrary file write issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, which
CVE-2020-8983
7.5 - High
- May 07, 2020
An arbitrary file write issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, which allows remote code execution. RCE and file access is granted to everything hosted by ShareFile, be it on-premise or inside Citrix Cloud itself (both are internet facing). NOTE: unlike most CVEs, exploitability depends on the product version that was in use when a particular setup step was performed, NOT the product version that is in use during a current assessment of a CVE consumer's product inventory. Specifically, the vulnerability can be exploited if a storage zone was created by one of these product versions: 5.9.0, 5.8.0, 5.7.0, 5.6.0, 5.5.0, or earlier. This CVE differs from CVE-2020-7473 and CVE-2020-8982.
Directory traversal
Citrix ShareFile StorageZones Controller before 5.4.2
CVE-2018-16968
3.1 - Low
- September 26, 2018
Citrix ShareFile StorageZones Controller before 5.4.2 allows Directory Traversal.
Directory traversal
Citrix ShareFile StorageZones Controller before 5.4.2 has Information Exposure Through an Error Message.
CVE-2018-16969
4.3 - Medium
- September 26, 2018
Citrix ShareFile StorageZones Controller before 5.4.2 has Information Exposure Through an Error Message.
Information Disclosure
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Citrix Sharefile Storagezones Controller or by Citrix? Click the Watch button to subscribe.
