Note to readers

This publication does not currently meet the Government of Canada's Web Standards. The information remains valid.

Citrix security updates

Number: AV18-049
Date: 22 March 2018

Purpose

The purpose of this advisory is to bring attention to a recently released Citrix security bulletin.

Assessment

Citrix has released security updates to address vulnerabilities in its XenServer. A remote user could exploit some of these vulnerabilities to take control of an affected system.

Affected Version:

  • XenServer 7.3
  • XenServer 7.2
  • XenServer 7.1 LTSR Cumulative Update 1
  • XenServer 7.0 

CVE References: CVE-2016-2074, CVE-2018-7540, CVE-2018-7541

Suggested action

CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.

References

https://support.citrix.com/article/CTX232655
https://support.citrix.com/article/CTX233368
https://support.citrix.com/article/CTX233366
https://support.citrix.com/article/CTX233363
https://support.citrix.com/article/CTX233365
https://support.citrix.com/article/CTX233362
https://support.citrix.com/article/CTX233364

Date modified: