CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
5.1%
Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privileges.
Vendor | Product | Version | CPE |
---|---|---|---|
citrix | xenserver | 4.1 | cpe:2.3:a:citrix:xenserver:4.1:*:*:*:*:*:*:* |
citrix | xenserver | 5.0 | cpe:2.3:a:citrix:xenserver:5.0:*:*:*:*:*:*:* |
citrix | xenserver | 5.0 | cpe:2.3:a:citrix:xenserver:5.0:update_3:*:*:*:*:*:* |
citrix | xenserver | 5.5 | cpe:2.3:a:citrix:xenserver:5.5:*:*:*:*:*:*:* |
citrix | xenserver | 5.6 | cpe:2.3:a:citrix:xenserver:5.6:*:*:*:*:*:*:* |
citrix | xenserver | 5.6 | cpe:2.3:a:citrix:xenserver:5.6:common_criteria:*:*:*:*:*:* |
citrix | xenserver | 5.6 | cpe:2.3:a:citrix:xenserver:5.6:fp1:*:*:*:*:*:* |
citrix | xenserver | 5.6 | cpe:2.3:a:citrix:xenserver:5.6:sp2:*:*:*:*:*:* |
citrix | xenserver | 6.0 | cpe:2.3:a:citrix:xenserver:6.0:*:*:*:*:*:*:* |
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
5.1%