Citrix Virtual Apps And Desktops
By the Year
In 2024 there have been 1 vulnerability in Citrix Virtual Apps And Desktops with an average score of 7.2 out of ten. Last year Virtual Apps And Desktops had 1 security vulnerability published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Virtual Apps And Desktops in 2024 could surpass last years number. However, the average CVE base score of the vulnerabilities in 2024 is greater by 2.90.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 1 | 7.20 |
| 2023 | 1 | 4.30 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 7.80 |
| 2020 | 3 | 8.80 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Virtual Apps And Desktops vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Citrix Virtual Apps And Desktops Security Vulnerabilities
Cross SiteScripting vulnerability in Citrix Session Recording
CVE-2023-6184
7.2 - High
- January 18, 2024
Cross SiteScripting vulnerability in Citrix Session Recording allows attacker to perform Cross Site Scripting
XSS
Users with only access to launch VDA applications
CVE-2023-24490
4.3 - Medium
- July 10, 2023
Users with only access to launch VDA applications can launch an unauthorized desktop
A vulnerability has been identified in Citrix Virtual Apps and Desktops
CVE-2021-22928
7.8 - High
- August 05, 2021
A vulnerability has been identified in Citrix Virtual Apps and Desktops that could, if exploited, allow a user of a Windows VDA that has either Citrix Profile Management or Citrix Profile Management WMI Plugin installed to escalate their privilege level on that Windows VDA to SYSTEM.
An authorised user on a Windows host running Citrix Universal Print Server
CVE-2020-8283
8.8 - High
- December 14, 2020
An authorised user on a Windows host running Citrix Universal Print Server can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9.
Improper Privilege Management
An unprivileged Windows user on the VDA
CVE-2020-8269
8.8 - High
- November 16, 2020
An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9
Improper Privilege Management
An unprivileged Windows user on the VDA or an SMB user
CVE-2020-8270
8.8 - High
- November 16, 2020
An unprivileged Windows user on the VDA or an SMB user can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285871 and CTX285872, 7.15 LTSR CU6 hotfix CTX285341 and CTX285342
Shell injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Citrix Virtual Apps And Desktops or by Citrix? Click the Watch button to subscribe.
