CVE-2013-6077

Published: Nov 5, 2013Modified: Apr 29, 2026

5.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:N

Exploitability: 8.6 / Impact: 4.9

Source: NVD

Description

Citrix XenDesktop 7.0, when upgraded from XenDesktop 5.x, does not properly enforce policy rule permissions, which allows remote attackers to bypass intended restrictions.

Affected (1)

Products: Citrix: Xendesktop

Citrix

1 product

Xendesktop

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Citrix Xendesktop	Version 7.0

Related CWEs

CWE-264

References (4)

http://osvdb.org/98890

Source: cve@mitre.org

http://support.citrix.com/article/CTX138627

Source: cve@mitre.org

Vendor Advisory

http://osvdb.org/98890

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.citrix.com/article/CTX138627

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.