Memory Permission Vulnerability in Citrix XenApp and XenDesktop Products
CVE-2016-6493

9.8CRITICAL

Key Information:

Vendor

Citrix
Status
Xenapp
Xendesktop
Vendor
CVE Published:
19 August 2016

What is CVE-2016-6493?

Certain versions of Citrix XenApp and XenDesktop exhibit a vulnerability that allows attackers to potentially weaken critical security mitigations. This issue is linked to how memory permissions are managed, which could be exploited through various attack vectors. Affected users are encouraged to apply the relevant updates and patches to safeguard their systems and minimize exposure.

References

http://www.securitytracker.com/id/1036539
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/92316
vdb-entryx_refsource_BID
http://support.citrix.com/article/CTX215460
x_refsource_CONFIRM

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2016-6493 : Memory Permission Vulnerability in Citrix XenApp and XenDesktop Products