CVE-2017-5573

CVSSv4: NA | CVSSv3: 4.9 | CVSSv2: 4 | VMScore: 590 | EPSS: 0.00075 | KEV: Not Included
Published: 30/01/2017 Updated: 21/11/2024

Vulnerability Summary

An issue exists in Linux Foundation xapi in Citrix XenServer up to and including 7.0. An authenticated read-only administrator can cancel tasks of other administrators.

Vulnerable Product

citrix xenserver 6.0.2

citrix xenserver 6.2.0

citrix xenserver 6.5

citrix xenserver 7.0

Vendor Advisories

Description of Problem: Several security issues have been identified within Citrix XenServer. These issues could, if exploited, allow an authenticated administrator to perform a denial-of-service attack against the host, even when that administrator has a less-privileged RBAC role (e.g. read-only). In addition, the issues could permit an attac ...