Vulnerability Description
* Xen Mobile through 10.8.0 includes a service listening on port 5001 within its firewall that accepts unauthenticated input. If this service is supplied with raw serialised Java objects, it deserialises them back into Java objects in memory, giving rise to a remote code execution vulnerability. NOTE: the vendor disputes that this is a vulnerability, stating it is "already mitigated by the internal firewall that limits access to configuration services to localhost.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Citrix | Xenmobile Server | <= 10.8.0 |
Related Weaknesses (CWE)
References
- https://advisories.dxw.com/advisories/xen-mobile-vulnerable-to-code-execution-viExploitThird Party Advisory
- https://advisories.dxw.com/advisories/xen-mobile-vulnerable-to-code-execution-viExploitThird Party Advisory
FAQ
What is CVE-2018-18013?
CVE-2018-18013 is a vulnerability with a CVSS score of 7.8 (HIGH). * Xen Mobile through 10.8.0 includes a service listening on port 5001 within its firewall that accepts unauthenticated input. If this service is supplied with raw serialised Java objects, it deseriali...
How severe is CVE-2018-18013?
CVE-2018-18013 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-18013?
Check the references section above for vendor advisories and patch information. Affected products include: Citrix Xenmobile Server.