CVE-2016-6877

** DISPUTED ** Citrix XenMobile Server before 10.5.0.24 allows man-in-the-middle attackers to trigger HTTP 302 redirections via vectors involving the HTTP Host header and a cached page. NOTE: the vendor reports "our internal analysis of this issue concluded that this was not a valid vulnerability" because an exploitation scenario would involve a man-in-the-middle attack against a TLS session.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:citrix:xenmobile_server:*:*:*:*:*:*:*:*

Information

Published : 2017-05-05 13:29

Updated : 2017-06-26 18:29


NVD link : CVE-2016-6877

Mitre link : CVE-2016-6877


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

citrix

  • xenmobile_server