Helient Systems :

by Daniel Ruiz
Senior Solutions Architect

Multiple Denial-of-Service vulnerabilities have been identified in Citrix License Server for Windows and VPX.

This can could result in an attacker being able to force the vendor service to shut down.

This service will affect several Citrix solutions including the items below from contacting your License server

• Citrix Endpoint Management (XenMobile)
• Citrix Hypervisor (XenServer)
• Citrix Endpoint Management (XenMobile)

This vulnerability affects the following Citrix License Server versions:

• Citrix License Server for Windows earlier than and including 11.15.0.0 Build 27000.
• Citrix License Server VPX all supported versions.

The  vulnerabilities have been addressed in the following version.

• Citrix License Server for Windows version 11.16.3 build 28000 and newer.

Citrix recommends that customers upgrade their Citrix License Server deployments to 11.16.3 build 28000 or later.

Customers with Citrix License Server VPX will need to deploy the Windows version for the fix.

If you have any questions or need assistance contact us at service@helient.com.