This article is for vSpace Pro users who may be at risk from the Traversal Vulnerability in the Health Monitoring service.
- This cve does NOT effect our RX-HDX / CITRIX Platform devices
CVE-2018-10201 – NComputing vSpace Pro Directory Traversal Vulnerability
This vulnerability has been fixed
A vulnerability has been detected in vSpace Pro software versions that allowed malicious users to read arbitrary files outside the root directory of the web server.
This vulnerability could be exploited remotely by a crafted URL without credentials.
An attacker may then make use of this vulnerability to step out of the root directory and access other parts of the file system. This might give the attacker the ability to view restricted files, which could provide the attacker with more information required to further compromise the system.
A patch has been applied to vSpace Pro 11 version 11.1.1 to eliminate this issue.
All users are advised that they should take security threats seriously and that they should ensure that you are using a version of vSpace Pro 11 that is equal to or greater than the version mentioned in this article.
For vSpace Pro 10, please see the attached step by step instructions to apply the patch in your vSpace Server successfully.
The compressed patch file is also attached.
If you have any questions regarding this procedure or any other NComputing technical needs, feel free to contact NComputing support.
Thank you for your patience with this matter.
NComputing Support Team.
Related Articles
vSpace Pro Health Monitoring feature
vSpace Health Monitoring: Allows administrators to monitor server health, CPU usage, memory usage, disk usage, Network IO usage, and number of connected session usage. When the CPU usage exceeds a certain threshold, an alert notification is sent to ...
What is vSpace Pro Enterprise Edition & its key features?
vSpace Pro Enterprise Edition is the focal point for future enhancements and development for the vSpace Pro family. vSpace Pro Enterprise Edition includes advanced features such as scalability improvements for large deployments, latest Windows OS ...
vSpace Pro Installation - Tips, References and Process Detail
Published The following article is a detailed process and tips for installing our vSpace Pro platform (vSpace Pro LTS, vSpace Pro Enterprise Edition). As an additional supplement, this article will deal with all other aspects of Pre-Deployment and ...
Port Configuration for NComputing vSpace Products
Use of this document This document will assist you with your port configuration for your environment's network, antivirus, firewall, and security software. When not configured, some of the mentioned, can sometimes interfere with the initial ...
What are key benefits of using vSpace Pro 11 LTS
vSpace Pro 11 LTS supports 10 popular Windows™ operating systems, including Windows Server 2016 and Windows 10. If you use Windows, you’ll be right at home. Your users will all have the same familiar Windows desktop experience. Access the Windows ...