Enquiry of Storefront Upgrade due to Current Security Vulnerability

[Zulhadi Zainal]

Hi All,

 

I just got the notification about the current Storefront vulnerability that just published in the Citrix Security Bulletin (https://support.citrix.com/article/CTX583759/citrix-storefront-security-bulletin-for-cve20235914). Since my current Storefront version is version 2203 CU2, so my current Storefront could be affected with the vulnerability as mentioned in the KB. For that reason, I planning to proceed with the version upgrade as per advise in KB which to upgrade to version 2203 CU4. But before that activity, I need clarify something with any expert and friend here about few things. Below the items that I seek an opinion and advise.

 

1) If I upgrade the Storefront component, is it required to upgrade other CVAD components also (example like DDC, Citrix Studio, etc) to make sure all the component in same version? Or not required the version must same?

2) Is it any issue will happened if the Citrix Storefront is different version from the CVAD components after the upgrade is done?

 

I really need an advise on this matter since all my CVAD components in my current environment is version 2203 CU3 including the Storefront itself. Appreciate any response from this matter. Thanks

 

 

[Jonathan Adams1709163648]

Fine to upgrade StoreFront without upgrading anything else.

[Darryl Sakach]

Agreed, unless the Release Notes specify otherwise.