
39 matches found

Xen Project
added 2020/12/15 12:0 p.m. | 48 views

XAPI: guest-triggered excessive memory usage

ISSUE DESCRIPTION Certain xenstore keys provide feedback from the guest, and are therefore watched by toolstack. Specifically, keys are watched by xenopsd, and data are forwarded via RPC through message-switch to xapi. The watching logic in xenopsd sends one RPC update containing all data, any time...

CVSS 7.8 | AI score 1.2 | EPSS 0.01428
Exploits 0
NVD
added 2020/11/18 6:15 p.m. | 8 views

CVE-2020-26068

A vulnerability in the xAPI service of Cisco Telepresence CE Software and Cisco RoomOS Software could allow an authenticated, remote attacker to generate an access token for an affected device. The vulnerability is due to insufficient access authorization. An attacker could exploit this...

CVSS 6.5 | AI score 5.7 | EPSS 0.00722
Exploits 0 | References 1
Vulnrichment
added 2020/11/18 5:40 p.m. | 9 views

CVE-2020-26068 Cisco Telepresence CE Software and RoomOS Software Unauthorized Token Generation Vulnerability

A vulnerability in the xAPI service of Cisco Telepresence CE Software and Cisco RoomOS Software could allow an authenticated, remote attacker to generate an access token for an affected device. The vulnerability is due to insufficient access authorization. An attacker could exploit this...

CVSS 5.5 | AI score 6.8 | EPSS 0.00722
Exploits 0 | References 1
NVD
added 2020/11/06 7:15 p.m. | 13 views

CVE-2020-26086

A vulnerability in the video endpoint API xAPI of Cisco TelePresence Collaboration Endpoint CE Software could allow an authenticated, remote attacker to gain access to sensitive information on an affected device. The vulnerability is due to improper storage of sensitive information on an affected...

CVSS 4.3 | AI score 4.7 | EPSS 0.00838
Exploits 0 | References 1
Prion
added 2020/11/06 7:15 p.m. | 14 views

Design/Logic Flaw

A vulnerability in the video endpoint API xAPI of Cisco TelePresence Collaboration Endpoint CE Software could allow an authenticated, remote attacker to gain access to sensitive information on an affected device. The vulnerability is due to improper storage of sensitive information on an affected...

CVSS 4 | AI score 4.7 | EPSS 0.00838
Exploits 0 | References 1 | Affected Software 1
CVE
added 2020/11/06 6:15 p.m. | 56 views

CVE-2020-26086

CVE-2020-26086 relates to Cisco TelePresence Collaboration Endpoint Software. A vulnerability in the video endpoint API (xAPI) could allow an authenticated, remote attacker to access sensitive information due to improper storage of sensitive data on the device. The issue affects the xAPI componen...

CVSS 4.3 | AI score 4.6 | EPSS 0.00838
Exploits 0 | References 1 | Affected Software 1
Cisco
added 2020/11/04 4:0 p.m. | 23 views

Cisco TelePresence Collaboration Endpoint Software Information Disclosure Vulnerability

A vulnerability in the video endpoint API xAPI of Cisco TelePresence Collaboration Endpoint CE Software could allow an authenticated, remote attacker to gain access to sensitive information on an affected device. The vulnerability is due to improper storage of sensitive information on an affected...

CVSS 4.3 | AI score 4.6 | EPSS 0.00838
Exploits 0 | References 1
NVD
added 2020/09/23 1:15 a.m. | 8 views

CVE-2020-3143

A vulnerability in the video endpoint API xAPI of Cisco TelePresence Collaboration Endpoint CE Software, Cisco TelePresence Codec TC Software, and Cisco RoomOS Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. The vulnerability is...

CVSS 9 | EPSS 0.08353
Exploits 0 | References 1
Prion
added 2020/09/23 1:15 a.m. | 7 views

Directory traversal

A vulnerability in the video endpoint API xAPI of Cisco TelePresence Collaboration Endpoint CE Software, Cisco TelePresence Codec TC Software, and Cisco RoomOS Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. The vulnerability is...

CVSS 9 | AI score 6.9 | EPSS 0.08353
Exploits 0 | References 1
Cvelist
added 2020/09/23 12:25 a.m. | 9 views

CVE-2020-3143 Cisco TelePresence Collaboration Endpoint, TelePresence Codec, and RoomOS Software Path Traversal Vulnerability

A vulnerability in the video endpoint API xAPI of Cisco TelePresence Collaboration Endpoint CE Software, Cisco TelePresence Codec TC Software, and Cisco RoomOS Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. The vulnerability is...

CVSS 8.8 | AI score 6.9 | EPSS 0.08353
Exploits 0 | References 1
CVE
added 2020/09/23 12:25 a.m. | 106 views

CVE-2020-3143

The CVE-2020-3143 issue affects Cisco TelePresence CE/TC/RoomOS software via the xAPI in the video endpoint API, where insufficient input validation allows directory traversal to read/write arbitrary files. Exploitation requires an authenticated In‑Room Control or administrator account, with netw...

CVSS 9 | AI score 7.1 | EPSS 0.08353
Exploits 0 | References 1 | Affected Software 1
Cisco
added 2020/01/22 4:0 p.m. | 18 views

Cisco TelePresence Collaboration Endpoint, TelePresence Codec, and RoomOS Software Path Traversal Vulnerability

A vulnerability in the video endpoint API xAPI of Cisco TelePresence Collaboration Endpoint CE Software, Cisco TelePresence Codec TC Software, and Cisco RoomOS Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. The vulnerability is...

CVSS 8.8 | AI score 2 | EPSS 0.08353
Exploits 0 | References 1
Xen Project
added 2018/08/14 5:0 p.m. | 558 views

XAPI HTTP directory traversal

ISSUE DESCRIPTION XAPI has an unauthenticated HTTP endpoint update/ which exports the contents of /var/update for other hosts to use. However, the resolution of . and .. in paths is performed before url unquoting is performed. This allows an attacker to traverse out of the web root. IMPACT An...

CVSS 10 | AI score 1.8 | EPSS 0.56147
Exploits 0
OSV
added 2017/01/30 4:59 p.m. | 2 views

CVE-2017-5572

An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated read-only administrator can corrupt the host database...

CVSS 6.5 | AI score 5.8
Exploits 0 | References 3
Prion
added 2017/01/30 4:59 p.m. | 17 views

Design/Logic Flaw

An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated read-only administrator can cancel tasks of other administrators...

CVSS 4 | AI score 5 | EPSS 0.01095
Exploits 0 | References 3 | Affected Software 1
Prion
added 2017/01/30 4:59 p.m. | 23 views

Design/Logic Flaw

An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated read-only administrator can corrupt the host database...

CVSS 5.5 | AI score 6.3 | EPSS 0.01095
Exploits 0 | References 3 | Affected Software 1
CVE
added 2017/01/30 4:0 p.m. | 61 views

CVE-2017-5573

CVE-2017-5573 affects Citrix XenServer (Linux Foundation xapi). An authenticated read-only administrator can cancel tasks of other administrators. The connected documents describe the vulnerability and impact but do not provide root-cause details, affected versions beyond XenServer up to 7.0, exp...

CVSS 4.9 | AI score 6.9 | EPSS 0.01095
Exploits 0 | References 3 | Affected Software 1
CVE
added 2017/01/30 4:0 p.m. | 66 views

CVE-2017-5572

CVE-2017-5572 affects Citrix XenServer (Linux Foundation xapi) up to version 7.0. An authenticated read-only administrator can corrupt the host database, as described in multiple sources. CVSS data from NVD indicates network-based access with low complexity and partial integrity/availability impa...

CVSS 6.5 | AI score 6.9 | EPSS 0.01095
Exploits 0 | References 3 | Affected Software 1
Xen Project
added 2013/10/10 12:0 p.m. | 82 views

misplaced free in ocaml xc_vcpu_getaffinity stub

ISSUE DESCRIPTION The ocaml binding for the xc_vcpu_getaffinity function incorrectly frees a pointer before using it and subsequently freeing it again afterwards. The code therefore contains use-after-free and double-free flaws. IMPACT An attacker may be able to cause a multithreaded toolstack...

CVSS 4.6 | AI score 0.8 | EPSS 0.00429
Exploits 0