You are here

U-106: Citrix XenServer Multiple Flaws in Web Self Service Have Unspecified Impact

February 17, 2012 - 8:30am

Addthis

PROBLEM:

Multiple vulnerabilities were reported in Citrix XenServer Web Self Service.

PLATFORM:

Version(s): 5.5, 5.6 SP2, 6.0; Web Self Service prior to 1.1.1

ABSTRACT:

A number of security vulnerabilities have been identified in the management web interface of Citrix XenServer Web Self Service.

reference LINKS:

Citrix Support Center
SecurityTracker Alert ID:1026695

IMPACT ASSESSMENT:

Medium

Discussion:

Customers who have installed XenServer but have not additionally downloaded and installed the optional Web Self Service component are not affected by these vulnerabilities. These vulnerabilities affect all currently supported versions of Web Self Service prior to version 1.1.1.

Impact:

Not specified

Solution:

The vendor has issued a fix (Web Self Service 1.1.1). The new version of the Web Self Service virtual appliance can be obtained from the following location: Citrix.com

Addthis