← voltar
CVE-2020-8274

CVE-2020-8274

EPSS 2.0%CWE-94
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 2.0%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
06 jan 2021Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Citrix Secure Mail for Android before 20.11.0 suffers from Improper Control of Generation of Code ('Code Injection') by allowing unauthenticated access to read data stored within Secure Mail. Note that a malicious app would need to be installed on the Android device or a threat actor would need to execute arbitrary code on the Android device.
Produtos afetados
n/a · Citrix Secure Mail for Android

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://support.citrix.com/article/CTX286763