CVE-2012-4606

CWE-269Improper Privilege Management4 documents4 sources
Severity
7.8HIGH
EPSS
0.0%
top 86.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Citrix Xenserver
Timeline
PublishedJan 23
Latest updateApr 23

Description

Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privileges.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

NVDcitrix/xenserver5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-7wp8-c7mq-wxq7: Citrix XenServer 42022-04-23
CVEList
CVE-2012-4606: Citrix XenServer 42020-01-23

📋Vendor Advisories

1
Citrix
CVE-2012-4606: Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vul2020-01-23
CVE-2012-4606 (HIGH CVSS 7.8) | Citrix XenServer 4.1 | cvebase.io