Lucene search
K
CitrixXendesktop

8 matches found

CVE
CVE
added 2020/11/16 12:35 a.m.119 views

CVE-2020-8269

Citrix CVE-2020-8269 affects Citrix Virtual Apps and Desktops (VDA, App-V Service, UPS) with privilege escalation to SYSTEM. The root cause is unauthenticated/low-privilege user could execute arbitrary commands on the VDA or related components due to write access to C:\ or OS command handling vul...

9CVSS8.8AI score0.0257EPSS
CVE
CVE
added 2021/08/05 8:16 p.m.106 views

CVE-2021-22928

Summary: CVE-2021-22928 is a local privilege-escalation vulnerability in Citrix Virtual Apps and Desktops (VDA) when Citrix Profile Management or the Citrix Profile Management WMI Plugin is installed. The root cause is related to improper access control allowing a user on a Windows VDA to elevate...

7.8CVSS7.7AI score0.00248EPSS
CVE
CVE
added 2020/12/14 7:40 p.m.85 views

CVE-2020-8283

CVE-2020-8283 affects Citrix Virtual Apps and Desktops (UPS on Windows) where an authenticated user on a Windows host running Universal Print Server can perform arbitrary command execution as SYSTEM. The issue is documented across sources (NVD entry and Red Hat advisory) and is tied to affected p...

9CVSS8.8AI score0.0257EPSS
CVE
CVE
added 2016/06/01 10:0 p.m.57 views

CVE-2016-4810

CVE-2016-4810 affects Citrix Studio (bundled with Citrix XenApp/XenDesktop). The vulnerability allows an unauthenticated attacker to cause insecure Access Policy configuration on the XenDesktop Delivery Controller by using unspecified vectors. Affected versions include Citrix Studio before 7.6.10...

7.5CVSS7.4AI score0.0086EPSS
CVE
CVE
added 2013/11/05 6:0 p.m.50 views

CVE-2013-6077

The vulnerability CVE-2013-6077 affects Citrix XenDesktop 7.0 when upgraded from XenDesktop 5.x, where policy rule permissions may not be enforced, enabling a remote attacker to bypass intended restrictions. Affected: XenDesktop 7.0 upgrades from 5.x (customers upgrading from 5.6 or earlier to 7....

5.8CVSS6.9AI score0.01674EPSS
CVE
CVE
added 2014/07/11 2:0 p.m.49 views

CVE-2014-4700

CVE-2014-4700 affects Citrix XenDesktop 4.x, 5.x, and 7.x when pooled random desktop groups are enabled and ShutdownDesktopsAfterUse is disabled. The vulnerability allows a local guest to gain access to another user’s desktop via unspecified vectors. The issue is tied to the non-default configura...

4.9CVSS6.7AI score0.00606EPSS
CVE
CVE
added 2016/08/19 9:0 p.m.48 views

CVE-2016-6493

CVE-2016-6493 describes a memory permission weakness in Citrix XenApp/XenDesktop that could weaken an existing security mitigation. Affected: Citrix XenDesktop up to 7.8; XenApp 7.x up to 7.8; XenApp 6.x up to 6.5 HRP06. Remediation: upgrade to XenDesktop/XenApp 7.9+ and XenApp 6.5 HRP07+ (XenApp...

9.8CVSS9.2AI score0.02189EPSS
CVE
CVE
added 2012/12/26 10:0 p.m.46 views

CVE-2012-6314

CVE-2012-6314 affects Citrix XenDesktop Virtual Desktop Agent (VDA) 5.6.x prior to 5.6.200. The issue is that server‑side USB redirection policy changes are not propagated to the VDA, allowing authenticated users to retain access to USB devices even after policy disables USB redirection. The vuln...

5CVSS6.5AI score0.01778EPSS