CyberSec.Space Logo
Back to CVE Browser

CVE-2016-5302

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0040%
EPSS Percentile20.57th
PublishedJun 13, 2016
Last ModifiedMay 6, 2026

Vulnerability Description

Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has been upgraded from an earlier release, might allow remote attackers on the management network to "compromise" a host by leveraging credentials for an Active Directory account.

Affected Platforms (CPE)

πŸ“¦
Citrix

Xenserver

<= 7.0

References & Advisories

πŸ”— http://support.citrix.com/article/CTX213549
πŸ”— http://www.securitytracker.com/id/1036082
πŸ”— https://support.citrix.com/article/CTX213769
πŸ”— http://support.citrix.com/article/CTX213549
πŸ”— http://www.securitytracker.com/id/1036082
πŸ”— https://support.citrix.com/article/CTX213769

Related Vulnerabilities

CVE-2014-494710.0

Buffer overflow in the HVM graphics console support in Citrix XenServer 6.2 Service Pack 1 and earlier has unspecified impact and ...

CVE-2018-140079.8

Citrix XenServer 7.1 and newer allows Directory Traversal.

CVE-2013-67959.3

The Updater in Rackspace Openstack Windows Guest Agent for XenServer before 1.2.6.0 allows remote attackers to execute arbitrary c...

CVE-2009-37598.8

Multiple cross-site request forgery (CSRF) vulnerabilities in sample code in the XenServer Resource Kit in Citrix XenCenterWeb all...