Citrix Xenapp
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Citrix Xenapp.
By the Year
In 2026 there have been 0 vulnerabilities in Citrix Xenapp. Xenapp did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 7.80 |
| 2020 | 3 | 5.30 |
It may take a day or so for new Xenapp vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Citrix Xenapp Security Vulnerabilities
A vulnerability has been identified in Citrix Virtual Apps and Desktops
CVE-2021-22928
7.8 - High
- August 05, 2021
A vulnerability has been identified in Citrix Virtual Apps and Desktops that could, if exploited, allow a user of a Windows VDA that has either Citrix Profile Management or Citrix Profile Management WMI Plugin installed to escalate their privilege level on that Windows VDA to SYSTEM.
An authorised user on a Windows host running Citrix Universal Print Server
CVE-2020-8283
- December 14, 2020
An authorised user on a Windows host running Citrix Universal Print Server can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9.
Improper Privilege Management
An unprivileged Windows user on the VDA
CVE-2020-8269
- November 16, 2020
An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9
Improper Privilege Management
Citrix XenApp 6.5, when 2FA is enabled
CVE-2020-13998
5.3 - Medium
- June 11, 2020
Citrix XenApp 6.5, when 2FA is enabled, allows a remote unauthenticated attacker to ascertain whether a user exists on the server, because the 2FA error page only occurs after a valid username is entered. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Side Channel Attack
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Citrix Xenapp or by Citrix? Click the Watch button to subscribe.
