CVE-2013-6077

EUVD-2013-5906
Citrix XenDesktop 7.0, when upgraded from XenDesktop 5.x, does not properly enforce policy rule permissions, which allows remote attackers to bypass intended restrictions.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 35%
Affected Products (NVD)
VendorProductVersion
citrixxendesktop
7.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/98890
http://support.citrix.com/article/CTX138627
http://osvdb.org/98890
http://support.citrix.com/article/CTX138627