Vulnerability in Citrix Xendesktop
CVE-2014-4700
Citrix XenDesktop 7.x, 5.x, and 4.x, when pooled random desktop groups is enabled and ShutdownDesktopsAfterUse is disabled, allows local guest users to gain access to another user's desktop via unspecified vectors.
EPSS: 0.006 (44.5th percentile) — read the EPSS interpretation.
Affected products
- Citrix Xendesktop — versions 4.0, 5.6
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
- cve@mitre.org (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (x_refsource_SECUNIA, Third Party Advisory, third-party-advisory)
- cve@mitre.org (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)