CVE-2014-8495 | Vulnerability Database | Aqua Security

Citrix XenMobile MDX Toolkit before 9.0.4, when used to wrap iOS 8 applications, does not properly encrypt cached application data, which allows context-dependent attackers to obtain sensitive information by reading the cache.

Affected Software

Name	Vendor	Start Version	End Version
Xenmobile	Citrix	*	9.0.3 (including)
Xenmobile	Citrix	8.5 (including)	8.5 (including)
Xenmobile	Citrix	8.6 (including)	8.6 (including)
Xenmobile	Citrix	8.7 (including)	8.7 (including)
Xenmobile	Citrix	9.0 (including)	9.0 (including)
Xenmobile	Citrix	9.0.2 (including)	9.0.2 (including)

References

http://support.citrix.com/article/CTX200260
http://www.securityfocus.com/bid/70799
http://www.securitytracker.com/id/1031164
https://exchange.xforce.ibmcloud.com/vulnerabilities/98337
http://support.citrix.com/article/CTX200260
http://www.securityfocus.com/bid/70799
http://www.securitytracker.com/id/1031164
https://exchange.xforce.ibmcloud.com/vulnerabilities/98337

NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-8495
CWE	https://cwe.mitre.org/data/definitions/310.html