CVE-2014-3798

CWE-20Improper Input Validation4 documents4 sources
Severity
6.5MEDIUM
EPSS
4.6%
top 10.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Citrix Xenserver
Timeline
PublishedJul 11
Latest updateMay 17

Description

The Windows Guest Tools in Citrix XenServer 6.2 SP1 and earlier allows remote attackers to cause a denial of service (guest OS crash) via a crafted Ethernet frame.

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

NVDcitrix/xenserver4 versions+3

Patches

Patch: support.citrix.comPatch: support.citrix.com

🔴Vulnerability Details

2
GHSA
GHSA-vj2h-4x4g-jfph: The Windows Guest Tools in Citrix XenServer 62022-05-17
CVEList
CVE-2014-3798: The Windows Guest Tools in Citrix XenServer 62019-07-11

📋Vendor Advisories

1
Citrix
CVE-2014-3798: The Windows Guest Tools in Citrix XenServer 6.2 SP1 and earlier allows remote attackers to cause a denial of service (guest OS crash) via a crafted Et2019-07-11
CVE-2014-3798 (MEDIUM CVSS 6.5) | The Windows Guest Tools in Citrix X | cvebase.io