Lucene search
HistoryJul 11, 2014 - 2:55 p.m.
CVE-2014-4700
citrix
xendesktop
vulnerability
random desktop groups
nvd
cve-2014-4700
4.9 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:M/Au:S/C:P/I:P/A:P
6.7 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
60.8%
Citrix XenDesktop 7.x, 5.x, and 4.x, when pooled random desktop groups is enabled and ShutdownDesktopsAfterUse is disabled, allows local guest users to gain access to another user’s desktop via unspecified vectors.
Affected configurations
Node
citrixxendesktopRange5.0–5.6
ORcitrixxendesktopRange7.0–7.11
ORcitrixxendesktopMatch4.0
ORcitrixxendesktopMatch4.0fp1
ORcitrixxendesktopMatch4.0fp2
ORcitrixxendesktopMatch5.6fp1
| CPE | Name | Operator | Version |
|---|---|---|---|
| citrix:xendesktop | citrix xendesktop | le | 5.6 |
| citrix:xendesktop | citrix xendesktop | le | 7.11 |
| citrix:xendesktop | citrix xendesktop | eq | 4.0 |
Related
prion
prion
Design/Logic Flaw
2014-07-11 14:55:00
cvelist
cvelist
CVE-2014-4700
2014-07-11 14:00:00
nessus
nessus
Citrix XenDesktop 4.x / 5.x / 7.x Unauthorized Access (CTX139591)
2014-07-17 00:00:00
citrix
citrix
nvd
nvd
CVE-2014-4700
2014-07-11 14:55:04
4.9 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:M/Au:S/C:P/I:P/A:P
6.7 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
60.8%
Related for CVE-2014-4700