CVE-2016-6493
published 2016-08-19CVE-2016-6493: Citrix XenApp 6.x before 6.5 HRP07 and 7.x before 7.9 and Citrix XenDesktop before 7.9 might allow attackers to weaken an unspecified security mitigation via…
PriorityP341critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
2.19%
80.2th percentile
Citrix XenApp 6.x before 6.5 HRP07 and 7.x before 7.9 and Citrix XenDesktop before 7.9 might allow attackers to weaken an unspecified security mitigation via vectors related to memory permission.
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citrix | citrix_adm | — | — |
| citrix | citrix_hypervisor | — | — |
| citrix | citrix_virtual_apps_and_desktops | — | — |
| citrix | endpoint_management | — | — |
| citrix | netscaler_adc | — | — |
| citrix | netscaler_gateway | — | — |
| citrix | xenapp | — | — |
| citrix | xenapp | — | — |
| citrix | xenapp | — | — |
| citrix | xenapp | — | — |
| citrix | xenapp | — | — |
| citrix | xenapp | — | — |
| citrix | xenapp | — | — |
| citrix | xenapp | — | — |
| citrix | xenapp | — | — |
| citrix | xendesktop | <= 7.8 | — |
| citrix | xendesktop | — | — |
| citrix | xenserver | — | — |
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Citrix
CVE-2016-6493: Citrix XenApp 6.x before 6.5 HRP07 and 7.x before 7.9 and Citrix XenDesktop before 7.9 might allow attackers to weaken an unspecified security mitigat
vendor_citrix·2016-08-19·CVSS 9.8
CVE-2016-6493 [CRITICAL] CWE-254 CVE-2016-6493: Citrix XenApp 6.x before 6.5 HRP07 and 7.x before 7.9 and Citrix XenDesktop before 7.9 might allow attackers to weaken an unspecified security mitigat
CVE-2016-6493: Citrix XenApp 6.x before 6.5 HRP07 and 7.x before 7.9 and Citrix XenDesktop before 7.9 might allow attackers to weaken an unspecified security mitigation via vectors related to memory permission.
Citrix
Citrix Security Bulletin CTX215460
vendor_citrix·CVSS 9.8
CVE-2016-6493 [CRITICAL] Citrix Security Bulletin CTX215460
Citrix Security Bulletin CTX215460
CVE References: CVE-2016-6493, CVE-2025-12101, CVE-2025-62626, CVE-2026-23554, CVE-2026-3055, CVE-2026-4368, CVE-2026-4397
Affected Products: Citrix ADM, Citrix Hypervisor, Citrix Virtual Apps and Desktops, Endpoint Management, NetScaler ADC, NetScaler Gateway, XenServer
GHSA
GHSA-v7m4-g8jc-5pw7: Citrix XenApp 6
ghsa_unreviewed·2022-05-17
CVE-2016-6493 [CRITICAL] GHSA-v7m4-g8jc-5pw7: Citrix XenApp 6
Citrix XenApp 6.x before 6.5 HRP07 and 7.x before 7.9 and Citrix XenDesktop before 7.9 might allow attackers to weaken an unspecified security mitigation via vectors related to memory permission.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2016-08-19
Published