CVE-2016-5109 — MEDIUM (4.3)

Vulnerability Description

Citrix Worx Home for iOS before 10.3.6 and XenMobile MDX Toolkit for iOS before 10.3.6 might allow physically proximate attackers to bypass in-application Apple Touch ID authentication via unspecified vectors, related to an application requiring re-authentication.

CVSS Score

4.3

MEDIUM

CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Citrix	Xenmobile Mdx Toolkit	10.3.0
Citrix	Worx Home	10.3.0

Related Weaknesses (CWE)

CWE-284

References

http://support.citrix.com/article/CTX214006Vendor Advisory
http://support.citrix.com/article/CTX214006Vendor Advisory

FAQ

What is CVE-2016-5109?

CVE-2016-5109 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Citrix Worx Home for iOS before 10.3.6 and XenMobile MDX Toolkit for iOS before 10.3.6 might allow physically proximate attackers to bypass in-application Apple Touch ID authentication via unspecified...

How severe is CVE-2016-5109?

CVE-2016-5109 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-5109?

Check the references section above for vendor advisories and patch information. Affected products include: Citrix Xenmobile Mdx Toolkit, Citrix Worx Home.