CVE-2017-12135
published 2017-08-24CVE-2017-12135: Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving…
high8.8CVSS 3.0
AVLACLPRLUINSCCHIHAH
Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants.
Affected
28 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citrix | citrix_adm | — | — |
| citrix | citrix_hypervisor | — | — |
| citrix | citrix_virtual_apps_and_desktops | — | — |
| citrix | endpoint_management | — | — |
| citrix | netscaler_adc | — | — |
| citrix | netscaler_gateway | — | — |
| citrix | xenserver | — | — |
| citrix | xenserver | — | — |
| citrix | xenserver | — | — |
| citrix | xenserver | — | — |
| citrix | xenserver | — | — |
| citrix | xenserver | — | — |
| citrix | xenserver | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | xen | < xen 4.11.4-1 (bookworm) | xen 4.11.4-1 (bookworm) |
| debian | xen | < xen 4.8.1-1+deb9u3 (bookworm) | xen 4.8.1-1+deb9u3 (bookworm) |
| fedoraproject | fedora | — | — |
| xen | xen | <= 4.13.0 | — |
| xen | xen | — | — |
| xen | xen | >= 0 < 4.11.4-1 | 4.11.4-1 |
| xen | xen | >= 0 < 4.8.1-1+deb9u3 | 4.8.1-1+deb9u3 |
| xen | xen | >= 0 < 4.11.4-1 | 4.11.4-1 |
| xen | xen | >= 0 < 4.8.1-1+deb9u3 | 4.8.1-1+deb9u3 |
| xen | xen | >= 0 < 4.11.4-1 | 4.11.4-1 |
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv8.8HIGH