CRITICAL🇵🇱 Wersja polska

CVE-2016-5302

CVSS 9.8v3.0pub. 2016-06-13upd. 2026-05-06

Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has been upgraded from an earlier release, might allow remote attackers on the management network to "compromise" a host by leveraging credentials for an Active Directory account.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Citrix Xenserver

    APP
    Citrix
    ≤ 7.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2018-14007CRITICAL9.8ten sam produkt

Citrix XenServer 7.1 and newer allows Directory Traversal.

CVE-2015-7705CRITICAL9.8ten sam produkt

The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have un...

CVE-2012-4606HIGH7.8ten sam produkt

Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 c...

CVE-2018-19961HIGH7.8ten sam produkt

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain h...

CVE-2018-19962HIGH7.8ten sam produkt

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain h...