Citrix License Server Vulnerabilities

Yesterday, Sep 25, Citrix reported multiple Dnieal-of-Service vulnerabilities with License Server for Windows and VPX, so an attacker may be able to enforce a vendor service shutdown:

CVE-2018-20031: A Denial of Service vulnerability in FlexNet Publisher version 11.16.1.0 and earlier
CVE-2018-20032: A Denial of Service vulnerability in FlexNet Publisher version 11.16.1.0 and earlier
CVE-2018-20033: A Remote Code Execution vulnerability in FlexNet Publisher version 11.16.1.0 and earlier
CVE-2018-20034: A Denial of Service vulnerability in FlexNet Publisher version 11.16.1.0 and earlier

These vilnerabilities are fixed with Citrix License Server for Windows version 11.16.3 build 28000 and newer. Actually, there’s no fix available for the VPX flavour.

For details please see Citrix KB article CTX261963.

Meltdown & Spectre Processor Vulnerabilities When it comes to the latest security vulnerabilities, these days…
Citrix ADC / Gateway Security Update On Sep 17, Citrix released CTX281474 article. There are in…
NetScaler 10.5 to 12.0 affected by two TLS Vulnerabilities Yesterday, Citrix released two Security Bulletins related to TLS vulnerabilities…
NetScaler ADC / Gateway Security Updates There are some security patches needed to fix new vulnerabilities…
SD-WAN Firmware 10.2.5 released On Oct, 4 Citrix released SD-WAN firmware version 10.2.5, which…
Postman 6.0 available Postman, my preferred tool when it comes to API testing…

Citrix License Server Vulnerabilities

Related Posts:

Leave a Reply