#VU9711 Denial of service in Citrix XenServer
Vulnerability identifier: #VU9711
Vulnerability risk: Low
CVSSv3.1: 5.4 [CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-284
Exploitation vector: Local network
Exploit availability: No
Vulnerable software:
Citrix XenServer
Server applications /
Other server solutions
Vendor: Citrix
Description
The vulnerability allows an adjacent high-privileged attacker to cause DoS condition on the host system.
The weakness exists due to unspecified error. An adjacent attacker can cause the host system to crash.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Citrix XenServer: 7.1 - 7.2
External links
http://support.citrix.com/article/CTX230624
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
