Remote Code Execution Vulnerability in Citrix XenServer 7.0
CVE-2016-5302
9.8CRITICAL
Summary
A vulnerability in Citrix XenServer 7.0 prior to Hotfix XS70E003 allows remote attackers on the management network to compromise a host. The vulnerability arises when systems are upgraded from earlier releases, potentially enabling unauthorized access through exploited Active Directory credentials. Administrators are encouraged to apply updates promptly to mitigate risks.
References
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved