Published: 01/06/2016 Updated: 30/11/2016

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Citrix Studio prior to 7.6.1000, Citrix XenDesktop 7.x prior to 7.6 LTSR Cumulative Update 1 (CU1), and Citrix XenApp 7.5 and 7.6 allow malicious users to set Access Policy rules on the XenDesktop Delivery Controller via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
citrix xendesktop 7.6
citrix xendesktop 7.1
citrix xendesktop 7.0
citrix xenapp 7.5
citrix xenapp 7.6
citrix xendesktop 7.5

Description of Problem A vulnerability has been identified in Citrix Studio that could allow Access Policy rules to be set insecurely on the Citrix XenDesktop Delivery Controller This vulnerability affects the following product versions: Citrix XenDesktop 7x between versions 70 and 76 inclusive, including 76 Long Term Service Release (LTSR) Ci ...

CWE-284 http://support.citrix.com/article/CTX213045 http://www.securitytracker.com/id/1036021 https://nvd.nist.gov https://support.citrix.com/article/CTX213045

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-4810

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect