Citrix Licensing Server Administration Components Multiple Vulnerabilities

Medium Nessus Plugin ID 58563


The remote Windows host contains an application that is affected by multiple vulnerabilities.


The version of Citrix License Server installed on the remote Windows host is potentially affected by multiple vulnerabilities in the administration component :

- An unspecified cross-site scripting vulnerability exists.

- An unspecified cross-site request forgery vulnerability exists.

- A denial of service vulnerability exists that could allow an attacker with access to the web application to prevent access by other legitimate users.


Upgrade to Citrix License Server 11.10 or later.

See Also

Plugin Details

Severity: Medium

ID: 58563

File Name: citrix_licensing_administration_11_10.nasl

Version: $Revision: 1.9 $

Type: local

Agent: windows

Family: Windows

Published: 2012/04/02

Modified: 2016/10/07

Dependencies: 58562

Risk Information

Risk Factor: Medium


Base Score: 4

Temporal Score: 3.3

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND

Vulnerability Information

CPE: cpe:/a:citrix:licensing_administration_console

Required KB Items: SMB/Citrix License Server/Path, SMB/Citrix License Server/Version, SMB/Citrix License Server/Build

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2012/03/10

Vulnerability Publication Date: 2011/02/23

Reference Information

CVE: CVE-2011-1101

BID: 46529, 52522

OSVDB: 71038, 71041, 80185

CWE: 20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990