CVE-2012-4606

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2012-4606
Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privileges.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

4.6 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://www.securityfocus.com/bid/55432 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:citrix:xenserver:4.1:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xenserver:5.0:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xenserver:5.0:update_3:*:*:*:*:*:*
cpe:2.3:a:citrix:xenserver:5.5:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xenserver:5.6:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xenserver:5.6:common_criteria:*:*:*:*:*:*
cpe:2.3:a:citrix:xenserver:5.6:fp1:*:*:*:*:*:*
cpe:2.3:a:citrix:xenserver:5.6:sp2:*:*:*:*:*:*
cpe:2.3:a:citrix:xenserver:6.0:*:*:*:*:*:*:*
History

No history.

Information

Published : 2020-01-23 22:15

Updated : 2023-12-10 13:13

NVD link : CVE-2012-4606

Mitre link : CVE-2012-4606

CVE.ORG link : CVE-2012-4606

JSON object : View

Products Affected

citrix

  • xenserver
CWE
CWE-269

Improper Privilege Management