Описание
Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C does not properly restrict access to VNC ports on the management network, which allows remote attackers to have unspecified impact via unknown vectors.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:citrix:cloudplatform:3.0:*:*:*:*:*:*:*
cpe:2.3:a:citrix:cloudplatform:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:citrix:cloudplatform:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:citrix:cloudplatform:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:citrix:cloudplatform:3.0.6:*:*:*:*:*:*:*
EPSS
Процентиль: 83%
0.01904
Низкий
7.5 High
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C does not properly restrict access to VNC ports on the management network, which allows remote attackers to have unspecified impact via unknown vectors.
EPSS
Процентиль: 83%
0.01904
Низкий
7.5 High
CVSS2
Дефекты
CWE-264