Authentication Bypass in Citrix XenServer by Citrix
CVE-2010-0633

Currently unrated

Key Information:

Vendor: Citrix
Status: Xenserver
Vendor: CVE Published:; 12 February 2010

Summary

An unspecified vulnerability exists in Citrix XenServer 5.0 Update 3 and earlier, and 5.5, which allows local users to bypass authentication mechanisms. Successful exploitation enables these users to execute unspecified Xen API (XAPI) calls, potentially compromising the system's integrity and security. This vulnerability can be exploited through various unknown vectors, making it critical for administrators to apply necessary security patches and follow recommended configurations.

References

http://support.citrix.com/article/CTX123456

x_refsource_CONFIRM

http://support.citrix.com/article/CTX123193

x_refsource_CONFIRM

http://support.citrix.com/article/CTX123460

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Feb 12, 2010