CVE-2016-6493 — Citrix Xendesktop vulnerability

CWE-2544 documents3 sources

Severity

9.8CRITICALNVD

EPSS

2.2%

top 15.66%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Citrix Xendesktop Citrix Xenapp Citrix ADM +6 more

Timeline

PublishedAug 19

Latest updateMay 17

Description

Citrix XenApp 6.x before 6.5 HRP07 and 7.x before 7.9 and Citrix XenDesktop before 7.9 might allow attackers to weaken an unspecified security mitigation via vectors related to memory permission.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages11 packages

▶NVDcitrix/xendesktop7.8

▶NVDcitrix/xenapp8 versions+7

▶citrixcitrix/xenapp

▶citrixcitrix/xendesktop

▶citrixcitrix/xenserver

🔴Vulnerability Details

GHSA

GHSA-v7m4-g8jc-5pw7: Citrix XenApp 6↗2022-05-17

▶

📋Vendor Advisories

Citrix

CVE-2016-6493: Citrix XenApp 6.x before 6.5 HRP07 and 7.x before 7.9 and Citrix XenDesktop before 7.9 might allow attackers to weaken an unspecified security mitigat↗2016-08-19

▶

Citrix

Citrix Security Bulletin CTX215460↗

▶