CVE-2016-6877

CVE-2016-6877 · LOW Severity

AV:N/AC:H/AU:N/C:N/I:P/A:N

Citrix XenMobile Server before 10.5.0.24 allows man-in-the-middle attackers to trigger HTTP 302 redirections via vectors involving the HTTP Host header and a cached page. NOTE: the vendor reports "our internal analysis of this issue concluded that this was not a valid vulnerability" because an exploitation scenario would involve a man-in-the-middle attack against a TLS session

Learn more about our Cis Benchmark Audit For Server Software.