Java Deserialization Vulnerability in Citrix XenMobile Server
CVE-2018-10654
8.1HIGH
Summary
A vulnerability exists in the Hazelcast Library used by Citrix XenMobile Server, where improper handling of Java deserialization can lead to remote code execution. This affects versions 10.8 prior to release pack 2 and 10.7 prior to release pack 3. Implementing the recommended patches is crucial to safeguard the server from potential exploitation.
References
CVSS V3.1
Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved