USB Redirection Flaw in Citrix XenDesktop Virtual Desktop Agent
CVE-2012-6314

Currently unrated

Key Information:

Vendor
Citrix
Vendor
CVE Published:
26 December 2012

Summary

The Citrix XenDesktop Virtual Desktop Agent (VDA) 5.6.x prior to version 5.6.200 contains a flaw in its handling of server-side policies for USB redirection. This vulnerability permits authenticated users to maintain access to USB devices, even after changes are made to the server-side policies intended to restrict such access. This behavior could lead to unauthorized data transfer and potential security breaches, compromising the integrity of sensitive information within the virtual environment.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.