CVE-2016-6276 — Citrix Linux Virtual Delivery Agent vulnerability

CWE-2644 documents3 sources

Severity

7.8HIGHNVD

EPSS

0.1%

top 84.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Citrix Linux Virtual Delivery Agent Citrix Xendesktop Citrix Xenapp +2 more

Timeline

PublishedSep 26

Latest updateMay 17

Description

Citrix Linux Virtual Delivery Agent (aka VDA, formerly Linux Virtual Desktop) before 1.4.0 allows local users to gain root privileges via unspecified vectors.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages6 packages

▶NVDcitrix/linux_virtual_delivery_agent1.3

▶citrixcitrix/linux_virtual_delivery_agent

▶citrixcitrix/xendesktop

▶citrixcitrix/citrix_xendesktop

▶citrixcitrix/xenapp

🔴Vulnerability Details

GHSA

GHSA-vvrh-w3wg-fx4v: Citrix Linux Virtual Delivery Agent (aka VDA, formerly Linux Virtual Desktop) before 1↗2022-05-17

▶

📋Vendor Advisories

Citrix

CVE-2016-6276: Citrix Linux Virtual Delivery Agent (aka VDA, formerly Linux Virtual Desktop) before 1.4.0 allows local users to gain root privileges via unspecified↗2016-09-26

▶

Citrix

CVE-2016-6276 - Vulnerability in Citrix Linux VDA (formerly known as Linux Virtual Desktop) Could Result in Privilege Escalation↗

▶