CVE-2016-9382 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.8 HIGH	LOCAL	LOW	LOW	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 31%

Affected Products (NVD)

Vendor	Product	Version
xen	xen	4.0.0
xen	xen	4.0.1
xen	xen	4.0.2
xen	xen	4.0.3
xen	xen	4.0.4
xen	xen	4.1.0
xen	xen	4.1.1
xen	xen	4.1.2
xen	xen	4.1.3
xen	xen	4.1.4
xen	xen	4.1.5
xen	xen	4.1.6.1
xen	xen	4.2.0
xen	xen	4.2.1
xen	xen	4.2.2
xen	xen	4.2.3
xen	xen	4.2.4
xen	xen	4.2.5
xen	xen	4.3.0
xen	xen	4.3.1
xen	xen	4.3.2
xen	xen	4.3.3
xen	xen	4.3.4
xen	xen	4.4.0
xen	xen	4.4.1
xen	xen	4.4.2
xen	xen	4.4.3
xen	xen	4.4.4
xen	xen	4.5.0
xen	xen	4.5.1
xen	xen	4.5.2
xen	xen	4.5.3
xen	xen	4.5.5
xen	xen	4.6.0
xen	xen	4.6.1
xen	xen	4.6.3
xen	xen	4.6.4
xen	xen	4.7.0
xen	xen	4.7.1
citrix	xenserver	6.0.2
citrix	xenserver	6.2.0
citrix	xenserver	6.5
citrix	xenserver	7.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

xen

bookworm	4.17.3+10-g091466ba55-1~deb12u1 fixed
bullseye	4.14.6-1 fixed
bullseye (security)	4.14.5+94-ge49571868d-1 fixed
sid	4.17.3+36-g54dacb5c02-1 fixed
trixie	4.17.3+36-g54dacb5c02-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

xen

precise	Fixed 4.1.6.1-0ubuntu0.12.04.13 released
trusty	Fixed 4.4.2-0ubuntu0.14.04.9 released
xenial	Fixed 4.6.0-1ubuntu4.3 released
yakkety	Fixed 4.7.0-0ubuntu2.1 released
zesty	Fixed 4.8.0-1ubuntu1 released

Common Weakness Enumeration

CWE-264 -

References

http://www.securityfocus.com/bid/94470

http://www.securitytracker.com/id/1037341

http://xenbits.xen.org/xsa/advisory-192.html

https://security.gentoo.org/glsa/201612-56

https://support.citrix.com/article/CTX218775

http://www.securityfocus.com/bid/94470

http://www.securitytracker.com/id/1037341

http://xenbits.xen.org/xsa/advisory-192.html

https://security.gentoo.org/glsa/201612-56

https://support.citrix.com/article/CTX218775