CVE-2013-6077Citrix Xendesktop vulnerability

CWE-2644 documents3 sources
Severity
5.8MEDIUMNVD
EPSS
0.2%
top 64.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Citrix XendesktopCitrix ADMCitrix Hypervisor+5 more
Timeline
PublishedNov 5
Latest updateMay 17

Description

Citrix XenDesktop 7.0, when upgraded from XenDesktop 5.x, does not properly enforce policy rule permissions, which allows remote attackers to bypass intended restrictions.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 8.6 | Impact: 4.9

Affected Packages9 packages

🔴Vulnerability Details

1
GHSA
GHSA-7j83-c8jv-q846: Citrix XenDesktop 72022-05-17

📋Vendor Advisories

2
Citrix
CVE-2013-6077: Citrix XenDesktop 7.0, when upgraded from XenDesktop 5.x, does not properly enforce policy rule permissions, which allows remote attackers to bypass i2013-11-05
Citrix
Citrix Security Bulletin CTX138627