4 matches found
CVE-2026-42486
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...
CVE-2026-42486 Multiple RBAC issues in XAPI
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...
EUVD-2026-42607
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...
CVE-2026-23559
CVE-2026-23559 (and related RBAC issues 23560–23562, 42486) affect XAPI in XenServer/XCP-ng where a vm-admin can abuse RBAC to gain higher privileges, including arbitrary read/modify of dom0 files via VBD.other_config, alter system-domain status, disrupt PBD/storage-domain mappings, and potential...