CVE-2014-4700

{"id": "CVE-2014-4700", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.9, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:M/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 4.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-07-11T14:55:04.650", "references": [{"url": "http://secunia.com/advisories/59889", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://support.citrix.com/article/CTX139591", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/68530", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id/1030566", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94460", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/59889", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://support.citrix.com/article/CTX139591", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/68530", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1030566", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94460", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "Citrix XenDesktop 7.x, 5.x, and 4.x, when pooled random desktop groups is enabled and ShutdownDesktopsAfterUse is disabled, allows local guest users to gain access to another user's desktop via unspecified vectors."}, {"lang": "es", "value": "Citrix XenDesktop 7.x, 5.x, y 4.x, cuando pooled random desktop groups est\u00e1 habilitado y ShutdownDesktopsAfterUse est\u00e1 deshabilitado, permite a usuarios locales invitados ganar acceso al escritorio de otro usuario a trav\u00e9s de vectores no especificados."}], "lastModified": "2024-11-21T02:10:44.110", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:citrix:xendesktop:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FA185E5-E44B-4612-B7EB-77BD4441175D", "versionEndIncluding": "5.6", "versionStartIncluding": "5.0"}, {"criteria": "cpe:2.3:a:citrix:xendesktop:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86BC010B-FDC6-43D9-A453-2A3C9418CC53", "versionEndIncluding": "7.11", "versionStartIncluding": "7.0"}, {"criteria": "cpe:2.3:a:citrix:xendesktop:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "02FFA689-533D-4BE2-8E89-FBD5D4A558F6"}, {"criteria": "cpe:2.3:a:citrix:xendesktop:4.0:fp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A243336E-1F68-4C13-BA96-528188230E52"}, {"criteria": "cpe:2.3:a:citrix:xendesktop:4.0:fp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45E02090-560F-4F10-B456-7F6D2814C817"}, {"criteria": "cpe:2.3:a:citrix:xendesktop:5.6:fp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8EE553AD-08F8-4F09-80FD-F6BC11D9B23A"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}