Vulnerability Details CVE-2016-5302
Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has been upgraded from an earlier release, might allow remote attackers on the management network to "compromise" a host by leveraging credentials for an Active Directory account.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 76.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2016-5302
-
cpe:2.3:a:citrix:xenserver:4.1
-
cpe:2.3:a:citrix:xenserver:5.0
-
cpe:2.3:a:citrix:xenserver:5.5
-
cpe:2.3:a:citrix:xenserver:5.6
-
cpe:2.3:a:citrix:xenserver:6.0
-
cpe:2.3:a:citrix:xenserver:6.0.2
-
cpe:2.3:a:citrix:xenserver:6.1
-
cpe:2.3:a:citrix:xenserver:6.1.0
-
cpe:2.3:a:citrix:xenserver:6.2.0
-
cpe:2.3:a:citrix:xenserver:6.5
-
cpe:2.3:a:citrix:xenserver:6.5.0
-
cpe:2.3:a:citrix:xenserver:7.0