Sharefile Storage Zones Controller
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-2699 | Cri | 0.66 | 9.8 | 0.49 | Apr 2, 2026 | Customer Managed ShareFile Storage Zones Controller (SZC) allows an unauthenticated attacker to access restricted configuration pages. This leads to changing system configuration and potential remote code execution. | ||
| CVE-2026-2701 | Cri | 0.59 | 9.1 | 0.49 | Apr 2, 2026 | Authenticated user can upload a malicious file to the server and execute it, which leads to remote code execution. | ||
| CVE-2021-22941 | 0.25 | — | 0.54 | KEV | Sep 23, 2021 | Improper Access Control in Citrix ShareFile storage zones controller before 5.11.20 may allow an unauthenticated attacker to remotely compromise the storage zones controller. | ||
| CVE-2023-24489 | 0.20 | — | 0.95 | KEV | Jul 10, 2023 | A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller. | ||
| CVE-2020-8982 | 0.07 | — | 0.27 | May 7, 2020 | An unauthenticated arbitrary file read issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020. RCE and file access is granted to everything hosted by ShareFile, be it on-premise or… | |||
| CVE-2020-7473 | 0.05 | — | 0.14 | May 7, 2020 | In certain situations, all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, allow unauthenticated attackers to access the documents and folders of ShareFile users. NOTE: unlike most CVEs,… | |||
| CVE-2021-22891 | 0.00 | — | 0.01 | May 27, 2021 | A missing authorization vulnerability exists in Citrix ShareFile Storage Zones Controller before 5.7.3, 5.8.3, 5.9.3, 5.10.1 and 5.11.18 may allow unauthenticated remote compromise of the Storage Zones Controller. | |||
| CVE-2020-8983 | 0.00 | — | 0.05 | May 7, 2020 | An arbitrary file write issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, which allows remote code execution. RCE and file access is granted to everything hosted by ShareFile,… |
- risk 0.66cvss 9.8epss 0.49
Customer Managed ShareFile Storage Zones Controller (SZC) allows an unauthenticated attacker to access restricted configuration pages. This leads to changing system configuration and potential remote code execution.
- risk 0.59cvss 9.1epss 0.49
Authenticated user can upload a malicious file to the server and execute it, which leads to remote code execution.
- risk 0.25cvss —epss 0.54
Improper Access Control in Citrix ShareFile storage zones controller before 5.11.20 may allow an unauthenticated attacker to remotely compromise the storage zones controller.
- risk 0.20cvss —epss 0.95
A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller.
- CVE-2020-8982May 7, 2020risk 0.07cvss —epss 0.27
An unauthenticated arbitrary file read issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020. RCE and file access is granted to everything hosted by ShareFile, be it on-premise or…
- CVE-2020-7473May 7, 2020risk 0.05cvss —epss 0.14
In certain situations, all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, allow unauthenticated attackers to access the documents and folders of ShareFile users. NOTE: unlike most CVEs,…
- CVE-2021-22891May 27, 2021risk 0.00cvss —epss 0.01
A missing authorization vulnerability exists in Citrix ShareFile Storage Zones Controller before 5.7.3, 5.8.3, 5.9.3, 5.10.1 and 5.11.18 may allow unauthenticated remote compromise of the Storage Zones Controller.
- CVE-2020-8983May 7, 2020risk 0.00cvss —epss 0.05
An arbitrary file write issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, which allows remote code execution. RCE and file access is granted to everything hosted by ShareFile,…