Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 (3.12.4000), and 7.6 LTSR before CU8 (3.0.8000) allows XXE attacks.
Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
---|---|---|---|---|---|
CVE-2019-13608 | Citrix StoreFront Server XML External Entity (XXE) Processing Vulnerability | secondary_impact | T1003 | OS Credential Dumping |
Comments
CVE-2019-13608 is a an XML External Entity (XXE) processing vulnerability that may allow an unauthenticated attacker to retrieve potentially sensitive information.
References
|
CVE-2019-13608 | Citrix StoreFront Server XML External Entity (XXE) Processing Vulnerability | secondary_impact | T1078 | Valid Accounts |
Comments
CVE-2019-13608 is a an XML External Entity (XXE) processing vulnerability that may allow an unauthenticated attacker to retrieve potentially sensitive information.
References
|
CVE-2019-13608 | Citrix StoreFront Server XML External Entity (XXE) Processing Vulnerability | secondary_impact | T1046 | Network Service Discovery |
Comments
CVE-2019-13608 is a an XML External Entity (XXE) processing vulnerability that may allow an unauthenticated attacker to retrieve potentially sensitive information.
References
|
CVE-2019-13608 | Citrix StoreFront Server XML External Entity (XXE) Processing Vulnerability | secondary_impact | T1005 | Data from Local System |
Comments
CVE-2019-13608 is a an XML External Entity (XXE) processing vulnerability that may allow an unauthenticated attacker to retrieve potentially sensitive information.
References
|
CVE-2019-13608 | Citrix StoreFront Server XML External Entity (XXE) Processing Vulnerability | primary_impact | T1059 | Command and Scripting Interpreter |
Comments
CVE-2019-13608 is a an XML External Entity (XXE) processing vulnerability that may allow an unauthenticated attacker to retrieve potentially sensitive information.
References
|