CVE-2020-8210
HIGHCitrix XenMobile <10.12 - Info Disclosure
Title source: llmDescription
Insufficient protection of secrets in Citrix XenMobile Server 10.12 before RP3, Citrix XenMobile Server 10.11 before RP6, Citrix XenMobile Server 10.10 RP6 and Citrix XenMobile Server before 10.9 RP5 discloses credentials of a service account.
Scores
CVSS v3
7.5
EPSS
0.0031
EPSS Percentile
53.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Classification
CWE
CWE-522
CWE-200
Status
published
Affected Products (21)
citrix/xenmobile_server
< 10.8.0
citrix/xenmobile_server
citrix/xenmobile_server
citrix/xenmobile_server
citrix/xenmobile_server
citrix/xenmobile_server
citrix/xenmobile_server
citrix/xenmobile_server
citrix/xenmobile_server
citrix/xenmobile_server
citrix/xenmobile_server
citrix/xenmobile_server
citrix/xenmobile_server
citrix/xenmobile_server
citrix/xenmobile_server
... and 6 more
Timeline
Published
Aug 17, 2020
Tracked Since
Feb 18, 2026