2 matches found
Citrix XenServer Active Directory Authentication Incorrect Host Management Security Bypass (CTX213549, CTX213769)
The version of Citrix XenServer running on the remote host is 7.x prior to 7.0 hotfix XS70E003. It is, therefore, affected by a security bypass vulnerability due to incorrect handling of Active Directory AD credentials. An unauthenticated, remote attacker on the management network with AD...
CVE-2016-5302
CVE-2016-5302 affects Citrix XenServer 7.0 before hotfix XS70E003, where deployments upgraded from an earlier release are vulnerable to AD credential abuse on the management network. An unauthenticated attacker with AD credentials for an account not authorized to manage a XenServer host can remot...