Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An unauthenticated arbitrary file read issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020. RCE and file access is granted to everything hosted by ShareFile, be it on-premise or inside Citrix Cloud itself (both are internet facing). NOTE: unlike most CVEs, exploitability depends on the product version that was in use when a particular setup step was performed, NOT the product version that is in use during a current assessment of a CVE consumer's product inventory. Specifically, the vulnerability can be exploited if a storage zone was created by one of these product versions: 5.9.0, 5.8.0, 5.7.0, 5.6.0, 5.5.0, or earlier. This CVE differs from CVE-2020-7473 and CVE-2020-8983.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Citrix Systems Citrix ShareFile storage zones Controller 路径遍历漏洞
Vulnerability Description
Citrix Systems Citrix ShareFile是美国思杰系统(Citrix Systems)公司的一套文件共享解决方案。storage zones Controller是其中的一个存储区控制器。 Citrix Systems Citrix ShareFile storage zones Controller中存在路径遍历漏洞。攻击者可利用该漏洞访问ShareFile用户的文档和文件夹。以下产品及版本受到影响:Citrix ShareFile storage zones Controller
CVSS Information
N/A
Vulnerability Type
N/A