Policy Enforcement Bypass in Citrix XenDesktop 7.0
CVE-2013-6077

Currently unrated

Key Information:

Vendor: Citrix
Status: Xendesktop
Vendor: CVE Published:; 5 November 2013

Summary

Citrix XenDesktop 7.0, when upgraded from earlier versions like XenDesktop 5.x, exposes a vulnerability due to improper enforcement of policy rule permissions. This weakness enables remote attackers to bypass established restrictions, potentially leading to unauthorized access and control over the system.

References

http://support.citrix.com/article/CTX138627

x_refsource_CONFIRM

http://osvdb.org/98890

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Nov 5, 2013