You are here

V-068: Citrix CloudPlatform Logs Potentially Sensitive Information in the Log File

January 14, 2013 - 12:15am

Addthis

PROBLEM:

Citrix CloudPlatform Logs Potentially Sensitive Information in the Log File

PLATFORM:

Citrix CloudStack and CloudPlatform up to and including 3.0.5.

ABSTRACT:

A vulnerability was reported in Citrix CloudPlatform.

REFERENCE LINKS:

Document ID: CTX136163
SecurityTracker Alert ID:  1027978
CVE-2012-5616

IMPACT ASSESSMENT:

Medium

DISCUSSION:

A vulnerability has been identified in Citrix CloudPlatform, formerly known as Citrix CloudStack, that could result in security-sensitive information being logged during the normal operation of the CloudPlatform server.

IMPACT:

A local user can obtain potentially sensitive information.

SOLUTION:

The vendor has issued a fix (3.0.6).

Addthis