CVE-2019-13608
HIGH KEV RANSOMWARE NUCLEICitrix Storefront Server < 1903 - XXE
Title source: ruleDescription
Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 (3.12.4000), and 7.6 LTSR before CU8 (3.0.8000) allows XXE attacks.
Nuclei Templates (1)
Citrix StoreFront Server - XML External Entity
HIGHVERIFIEDby daffainfo
Shodan:
/Citrix/StoreWeb
FOFA:
/Citrix/StoreWeb
Scores
CVSS v3
7.5
EPSS
0.7126
EPSS Percentile
98.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CISA KEV
2021-11-03
VulnCheck KEV
2021-01-26
InTheWild.io
2021-07-23
ENISA EUVD
EUVD-2019-5046
Ransomware Use
Confirmed
CWE
CWE-611
Status
published
Products (1)
citrix/storefront_server
1811 - 1903
Published
Aug 29, 2019
KEV Added
Nov 03, 2021
Tracked Since
Feb 18, 2026